e72b0bdfcde42b79c8b9266fc25c37d62a2c536d33c32eb6dcb4e2a17961f2ff

Analysis

max time kernel
58s
max time network
31s
platform
windows11-21h2_x64
resource
win11-20240704-en
resource tags

arch:x64arch:x86image:win11-20240704-enlocale:en-usos:windows11-21h2-x64system
submitted
05-07-2024 04:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

newdcnyash/updatelauncher.bat
Size

89B
MD5

71db8073aea6b65d3f9e645600f40f89
SHA1

0689dc2689952987c83dcb5627dec48ce861648c
SHA256

10f58e38447bfcb3da550f9bd4cb991603bc877d74c7165860f797e7fec535e9
SHA512

86bf18f61e94f8362ff73a75506c3c55daa41a666501d0897a8667b463100e3782d9e5a633d92765c1bd177658c53acffed65eee0540f836c7896408347cf085

Score

7^/10

motw phishing

Malware Config

Signatures

Executes dropped EXE 1 IoCs

Processes:

DCRat.exe

pid process

4464 DCRat.exe
Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
phishing motw

Processes:

flow ioc

4 https://t.me/DarkCrystalRAT/33?embed=1&mode=tme
Delays execution with timeout.exe 1 IoCs
evasion

Processes:

timeout.exe

pid process

1252 timeout.exe

pid	process
4464	DCRat.exe

flow	ioc
4	https://t.me/DarkCrystalRAT/33?embed=1&mode=tme

pid	process
1252	timeout.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

WMIC.exeWMIC.exe

description	pid	process
Token: SeIncreaseQuotaPrivilege	1608	WMIC.exe
Token: SeSecurityPrivilege	1608	WMIC.exe
Token: SeTakeOwnershipPrivilege	1608	WMIC.exe
Token: SeLoadDriverPrivilege	1608	WMIC.exe
Token: SeSystemProfilePrivilege	1608	WMIC.exe
Token: SeSystemtimePrivilege	1608	WMIC.exe
Token: SeProfSingleProcessPrivilege	1608	WMIC.exe
Token: SeIncBasePriorityPrivilege	1608	WMIC.exe
Token: SeCreatePagefilePrivilege	1608	WMIC.exe
Token: SeBackupPrivilege	1608	WMIC.exe
Token: SeRestorePrivilege	1608	WMIC.exe
Token: SeShutdownPrivilege	1608	WMIC.exe
Token: SeDebugPrivilege	1608	WMIC.exe
Token: SeSystemEnvironmentPrivilege	1608	WMIC.exe
Token: SeRemoteShutdownPrivilege	1608	WMIC.exe
Token: SeUndockPrivilege	1608	WMIC.exe
Token: SeManageVolumePrivilege	1608	WMIC.exe
Token: 33	1608	WMIC.exe
Token: 34	1608	WMIC.exe
Token: 35	1608	WMIC.exe
Token: 36	1608	WMIC.exe
Token: SeIncreaseQuotaPrivilege	1608	WMIC.exe
Token: SeSecurityPrivilege	1608	WMIC.exe
Token: SeTakeOwnershipPrivilege	1608	WMIC.exe
Token: SeLoadDriverPrivilege	1608	WMIC.exe
Token: SeSystemProfilePrivilege	1608	WMIC.exe
Token: SeSystemtimePrivilege	1608	WMIC.exe
Token: SeProfSingleProcessPrivilege	1608	WMIC.exe
Token: SeIncBasePriorityPrivilege	1608	WMIC.exe
Token: SeCreatePagefilePrivilege	1608	WMIC.exe
Token: SeBackupPrivilege	1608	WMIC.exe
Token: SeRestorePrivilege	1608	WMIC.exe
Token: SeShutdownPrivilege	1608	WMIC.exe
Token: SeDebugPrivilege	1608	WMIC.exe
Token: SeSystemEnvironmentPrivilege	1608	WMIC.exe
Token: SeRemoteShutdownPrivilege	1608	WMIC.exe
Token: SeUndockPrivilege	1608	WMIC.exe
Token: SeManageVolumePrivilege	1608	WMIC.exe
Token: 33	1608	WMIC.exe
Token: 34	1608	WMIC.exe
Token: 35	1608	WMIC.exe
Token: 36	1608	WMIC.exe
Token: SeIncreaseQuotaPrivilege	2604	WMIC.exe
Token: SeSecurityPrivilege	2604	WMIC.exe
Token: SeTakeOwnershipPrivilege	2604	WMIC.exe
Token: SeLoadDriverPrivilege	2604	WMIC.exe
Token: SeSystemProfilePrivilege	2604	WMIC.exe
Token: SeSystemtimePrivilege	2604	WMIC.exe
Token: SeProfSingleProcessPrivilege	2604	WMIC.exe
Token: SeIncBasePriorityPrivilege	2604	WMIC.exe
Token: SeCreatePagefilePrivilege	2604	WMIC.exe
Token: SeBackupPrivilege	2604	WMIC.exe
Token: SeRestorePrivilege	2604	WMIC.exe
Token: SeShutdownPrivilege	2604	WMIC.exe
Token: SeDebugPrivilege	2604	WMIC.exe
Token: SeSystemEnvironmentPrivilege	2604	WMIC.exe
Token: SeRemoteShutdownPrivilege	2604	WMIC.exe
Token: SeUndockPrivilege	2604	WMIC.exe
Token: SeManageVolumePrivilege	2604	WMIC.exe
Token: 33	2604	WMIC.exe
Token: 34	2604	WMIC.exe
Token: 35	2604	WMIC.exe
Token: 36	2604	WMIC.exe
Token: SeIncreaseQuotaPrivilege	2604	WMIC.exe

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

javaw.exejavaw.exe

pid process

1784 javaw.exe
1784 javaw.exe
2572 javaw.exe
2572 javaw.exe

pid	process
1784	javaw.exe
1784	javaw.exe
2572	javaw.exe
2572	javaw.exe

Suspicious use of WriteProcessMemory 40 IoCs

Processes:

cmd.exedcrat_updservice.exejavaw.exeexplorer.exeDCRat.exejavaw.execmd.execmd.execmd.execmd.execmd.execmd.exe

description	pid	process	target process
PID 3664 wrote to memory of 1252	3664	cmd.exe	timeout.exe
PID 3664 wrote to memory of 1252	3664	cmd.exe	timeout.exe
PID 3664 wrote to memory of 1380	3664	cmd.exe	dcrat_updservice.exe
PID 3664 wrote to memory of 1380	3664	cmd.exe	dcrat_updservice.exe
PID 3664 wrote to memory of 1380	3664	cmd.exe	dcrat_updservice.exe
PID 1380 wrote to memory of 1784	1380	dcrat_updservice.exe	javaw.exe
PID 1380 wrote to memory of 1784	1380	dcrat_updservice.exe	javaw.exe
PID 1784 wrote to memory of 232	1784	javaw.exe	explorer.exe
PID 1784 wrote to memory of 232	1784	javaw.exe	explorer.exe
PID 4908 wrote to memory of 4464	4908	explorer.exe	DCRat.exe
PID 4908 wrote to memory of 4464	4908	explorer.exe	DCRat.exe
PID 4908 wrote to memory of 4464	4908	explorer.exe	DCRat.exe
PID 4464 wrote to memory of 2572	4464	DCRat.exe	javaw.exe
PID 4464 wrote to memory of 2572	4464	DCRat.exe	javaw.exe
PID 2572 wrote to memory of 4248	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 4248	2572	javaw.exe	cmd.exe
PID 4248 wrote to memory of 1608	4248	cmd.exe	WMIC.exe
PID 4248 wrote to memory of 1608	4248	cmd.exe	WMIC.exe
PID 2572 wrote to memory of 5000	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 5000	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 3536	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 3536	2572	javaw.exe	cmd.exe
PID 3536 wrote to memory of 2604	3536	cmd.exe	WMIC.exe
PID 3536 wrote to memory of 2604	3536	cmd.exe	WMIC.exe
PID 2572 wrote to memory of 4036	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 4036	2572	javaw.exe	cmd.exe
PID 4036 wrote to memory of 2528	4036	cmd.exe	WMIC.exe
PID 4036 wrote to memory of 2528	4036	cmd.exe	WMIC.exe
PID 2572 wrote to memory of 3332	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 3332	2572	javaw.exe	cmd.exe
PID 3332 wrote to memory of 1176	3332	cmd.exe	WMIC.exe
PID 3332 wrote to memory of 1176	3332	cmd.exe	WMIC.exe
PID 2572 wrote to memory of 3460	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 3460	2572	javaw.exe	cmd.exe
PID 3460 wrote to memory of 4548	3460	cmd.exe	WMIC.exe
PID 3460 wrote to memory of 4548	3460	cmd.exe	WMIC.exe
PID 2572 wrote to memory of 3508	2572	javaw.exe	cmd.exe
PID 2572 wrote to memory of 3508	2572	javaw.exe	cmd.exe
PID 3508 wrote to memory of 2112	3508	cmd.exe	WMIC.exe
PID 3508 wrote to memory of 2112	3508	cmd.exe	WMIC.exe

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\newdcnyash\updatelauncher.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:3664

C:\Windows\system32\timeout.exe
TIMEOUT /T 3 /NOBREAK
2⤵
- Delays execution with timeout.exe
PID:1252

C:\Users\Admin\AppData\Local\Temp\newdcnyash\dcrat_updservice.exe
"C:\Users\Admin\AppData\Local\Temp\newdcnyash\/dcrat_updservice.exe"
2⤵
- Suspicious use of WriteProcessMemory
PID:1380

C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Dfile.encoding=UTF-8 -classpath "C:\Users\Admin\AppData\Local\Temp\newdcnyash\dcrat_updservice.exe" org.develnext.jphp.ext.javafx.FXLauncher
3⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1784

C:\Windows\explorer.exe
explorer C:\Users\Admin\AppData\Local\Temp\newdcnyash\DCRat.exe
4⤵
PID:232

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Suspicious use of WriteProcessMemory
PID:4908

C:\Users\Admin\AppData\Local\Temp\newdcnyash\DCRat.exe
"C:\Users\Admin\AppData\Local\Temp\newdcnyash\DCRat.exe"
2⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
PID:4464

C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Dprism.dirtyopts=false -Dfile.encoding=UTF-8 -classpath "lib\.;lib\..;lib\IIlIllIIlIllllIIIlIIlllIIIIIlIlllIIIIllllllIlIIlllIlIlIlllIIIlIIllIIIIlIllIlIlIlIlIlIIlllIlllIIllIIllIlIlllIlIIlllIIIIll.jar;lib\IIllIIIIIlIlIIlIIIllIllllIIIlllIIIlIlIIlIlIllllIIlIIllIlIlIllIIIIIlIlllllllIIIIlIIlIIllIIIlIlIlllIIIIllllIllIIIIIIlIllII.jar;lib\IlIIIIllIIIIIIIIIllIlIllIIIlIIllIIlIIllIIlIlIIIIIIIIIIlllIIlIllIIIlIlIllIllIlIlIlIlIllIlIllIlllIIllIlIllIlIIlllIIIIIlIlI.jar;lib\IlIlIIIIIIlIIIIIIllIlIIlIllIllIlIIIlIllllIlIlllIIlIIllIllIIlIlllIIIllllIlIllIIIIIIIIIlIIlIllIIllIIlIllIIIIlIIllIllllIlIl.jar;lib\IllIIIIIIIlllIIIlIlIllIIIIIllIllIlIIlIllIlIIlIllIIlIlIlIlllllllIIlllllllIIlIIIlIlIlIIlIllllIlllIIllllIIlllllIllIIIlIlIlI.jar;lib\IllIIIIIIlIIIIIlIllIIIIlIlIIIIlIIllIIllIIlIlllIlIlIlIIIlllllIlllIllIIIlllllIlIlIlIlllIlIIllIlIIlIlIIllIlIIllIlIlIIIlIIIl.jar;lib\IlllIIlllllIIllIIIlIIlIlIlIllllIlllIllllIIIIIlIllIIIIllIIlllIllIlIlIlIIIIllIllIIllllllIllIIlllIIIlIllllIlIllIIIIIIIIlIll.jar;lib\lIIIIIIllIllllllIIlllIlIIIIlIIllllIIIIIIIIllIIIIIlIIIIIIIlllIIIIIIlIIIlIlIlIlIlIllIllIlIllIlIlIIllIlIIIIlllIllIIllIIlIIl.jar;lib\lIIlIIlllIIIIIIlllIllIIIlIlIllIlllIlIllIllllIllIIIlIlIIIlIllIllIIlllIlllllIIIlIIlIIlIIIlIlllIIllIIIIlllIIIIlIIlllIlllllI.jar;lib\lIlllIIlIIlllIIllIIIlIIIIIlIlIlIIIIlIllIIlllIlllIllIlllIlIlIlllIIllIIllIIIlIllIIIlllIlllllIlIlIIlIIIIIllllIlIllIIllIllII.jar;lib\lIllllIllIlIIlIlIlllIIIllIIIIlIIllIllllIIlIIIIIlIIIlIIIIIIIIIIIIIIllIllIIlIlIlIlllllIlllllIIIIIIlIlIIIlIIllllIlIIIlIlllI.jar;lib\lIlllllIIlIllIllllIIIIlIIlIIIIIllIlllIIlIIllIllIIIlIIlllIllIIlllIIIlllIllllllllllIlIIIlIIlIllIIllIlllIlIlIIIIIIlllllIIlI.jar;lib\llIIIlllIIIllIIIIllIllIIlIIIlIllIlIIIIlIlIlIIllIIIlIIIlIIlllIIlIlIIIlIllllIIIIlIllIllllIlllIIlIIIIllIlIlIIlIIIllllllllIl.jar;lib\llIlIlIIIIIIllIllIIllIIlIlIlIllIIlllllIIlIIIIlIIIIIllIlIlIIIlIlIllllIlIlllIIlllIllIIIlIllllIIIllllIlllllIIIIIIllIlIIlIIl.jar;lib\llIlIlIIlllIllIlllIlIIIlIIIIlllIIIllIllllIIIIIIIIlllIlIIlllIIllIIllIlIIIllIIIIlIIlIllllIlIlllIllIIIIlIIlllIlIlIllIIlIllI.jar;lib\llIlIllIllIllIlIlllIlllIIIllllllIlIIlIllIlIlIlllIllIIIIIlllIIlIIlIllllIIIlllIllIIlIIIIIIlIlIIllIIIIlIlllIllIIlIlllIIIllI.jar" org.develnext.jphp.ext.javafx.FXLauncher
3⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2572

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe baseboard get Manufacturer
4⤵
- Suspicious use of WriteProcessMemory
PID:4248

C:\Windows\System32\wbem\WMIC.exe
C:\Windows\System32\wbem\wmic.exe baseboard get Manufacturer
5⤵
- Suspicious use of AdjustPrivilegeToken
PID:1608

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c USERPROFILE
4⤵
PID:5000

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe baseboard get Product
4⤵
- Suspicious use of WriteProcessMemory
PID:3536

C:\Windows\System32\wbem\WMIC.exe
C:\Windows\System32\wbem\wmic.exe baseboard get Product
5⤵
- Suspicious use of AdjustPrivilegeToken
PID:2604

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe CPU get ProcessorId
4⤵
- Suspicious use of WriteProcessMemory
PID:4036

C:\Windows\System32\wbem\WMIC.exe
C:\Windows\System32\wbem\wmic.exe CPU get ProcessorId
5⤵
PID:2528

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'serialnumber'
4⤵
- Suspicious use of WriteProcessMemory
PID:3332

C:\Windows\System32\wbem\WMIC.exe
C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'serialnumber'
5⤵
PID:1176

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe Path Win32_VideoController Get VideoProcessor
4⤵
- Suspicious use of WriteProcessMemory
PID:3460

C:\Windows\System32\wbem\WMIC.exe
C:\Windows\System32\wbem\wmic.exe Path Win32_VideoController Get VideoProcessor
5⤵
PID:4548

C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'size'
4⤵
- Suspicious use of WriteProcessMemory
PID:3508

C:\Windows\System32\wbem\WMIC.exe
C:\Windows\System32\wbem\wmic.exe diskdrive where 'Index=0' get 'size'
5⤵
PID:2112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
Filesize
46B

MD5
a034a3938eb124fe4960035ed27c481a

SHA1
49dcb33954d1d8f19e20aea0ff38c91a0f78f2d2

SHA256
4472099e236fb3d68ba5c44547f98d118fdaee77c2ca0bba6c2596a18b8a7512

SHA512
e5efb7775fceb2adab8ed7dfbebe035cd13c0be333a32d0af48118f3118100caa51140c3aa10ed2f7a2ed4250f8c3596585ac34a52394da294d15a6d704a91a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\DCRat.exe
Filesize
72KB

MD5
2c7d37e90dd8ab57d06dad5bc7956885

SHA1
da789c107c4c68b8250b6589e45e5a3cf7a9a143

SHA256
5ede5d774ab65f25357cf5a1fa5e354f6f2a9868651a0fa717485802b21b1939

SHA512
e74ae891771bfd9c6fcdfbe8e4f33f0d5f7c3457cd84b257500cdaf8fa8b16fe458a18db9b3a60591465982fc2871f4c3f2e7541c765f00a0516f805e7e9ca0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\background.cache
Filesize
1.4MB

MD5
23b27297cd0d26b71ca215bde1389383

SHA1
81f01eae48a77792771a9afc4eeb58ebf6d83baf

SHA256
455a7f5c31350e9285fba8c66a9c979014295b70fc75fa4cb71405198f81a600

SHA512
be06b86a904c541961e109756e2d64d9b0f40df0f106a3647b2d485e72725dbd9d269f774a89bb28fd8c1719a5f6ccea7e187befac683ef929cd49bdd43bed4a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\design\BrowsersStealer_native_table.json
Filesize
646B

MD5
1636bd49096db0da8950830bb7623fc2

SHA1
33cc39b80f61310a538434e649638ffce1deb509

SHA256
48cff9a838321e3e94c09850e2a0066f983483e5392cf34f0bb8dee06243e239

SHA512
14cfd3db019e0e56b15121e4794290ea3cb576d3aa707b086be404c234593a1ab5a257fe70b7b29c786be7601136d7891536f7f22209e14aae9f8fb7dfefd76b

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\design\ClientsStealer_native_table.json
Filesize
553B

MD5
f7ea715546229414175cbc3af4edd19b

SHA1
fba5a0f8f02c988022dedba68dd6c13b4ddf7b16

SHA256
04f3b9197836b371bbe41b8a697d38279eefb0e05fb35b120f8f10d41ad56da7

SHA512
64d1559c6870c875d93a6b89fca6921754b74a4c59e16a4ec16931cebd079d38202f3533aed18d97747edd95a45623c62ae5f6feee884ecc437d2b8f17e78026

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\design\Keylogger_native_table.json
Filesize
226B

MD5
dc775737035388a3f4e8710e2eaa534d

SHA1
7021f397a6aa0f05ae538e052213c3a70bc3e6e6

SHA256
78baf226b6baf5f0f5fbe0c25831e5d533a436ed497237c336c0aec6ec5e19c2

SHA512
223ab881e2360b0ef0f25bc46aaada8544f13e9f6bf049121c6905682000cf32f98fef51b51ecd1a467183022276cf8e665812198857ad64b9edbc97a23d20c0

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\design\PluginsLoader_native.json
Filesize
1KB

MD5
f95369232ea564572d22588b40e51f25

SHA1
a49d68690973e83c382e39ef6c962e37a1236751

SHA256
fc4c68781b2343805da72ff8f8cec9882a1d36d8f3cacaa8707391589f6be262

SHA512
e5a96f0caee17274096f7b4bd5bcfd8e85cc1c56c1cd3a5b93431736bf7bacbe1cd18cacba1f8689f0b7447cb26745e23845502596c2b42e901997f5619fca17

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IIlIllIIlIllllIIIlIIlllIIIIIlIlllIIIIllllllIlIIlllIlIlIlllIIIlIIllIIIIlIllIlIlIlIlIlIIlllIlllIIllIIllIlIlllIlIIlllIIIIll.jar
Filesize
688KB

MD5
6696368a09c7f8fed4ea92c4e5238cee

SHA1
f89c282e557d1207afd7158b82721c3d425736a7

SHA256
c25d7a7b8f0715729bccb817e345f0fdd668dd4799c8dab1a4db3d6a37e7e3e4

SHA512
0ab24f07f956e3cdcd9d09c3aa4677ff60b70d7a48e7179a02e4ff9c0d2c7a1fc51624c3c8a5d892644e9f36f84f7aaf4aa6d2c9e1c291c88b3cff7568d54f76

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IIllIIIIIlIlIIlIIIllIllllIIIlllIIIlIlIIlIlIllllIIlIIllIlIlIllIIIIIlIlllllllIIIIlIIlIIllIIIlIlIlllIIIIllllIllIIIIIIlIllII.jar
Filesize
1.5MB

MD5
9ea3f51be2154e9b797e575153310a19

SHA1
feaf787cd94bb60e8bfacad21b4346c358b55c0a

SHA256
97758e611a82fc721ab1a7d2542b3ec33b1124e03b4c4798720a4c3756470ed0

SHA512
a5cace6e7069909a2aa8bacbe5e8dca61ecb195f4696a7467a0d1ee0f7f6043afcb27c43c1e1b496cf14aa4dde9e2d61352145840bac3bcb996b0bf2c047db37

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IlIIIIllIIIIIIIIIllIlIllIIIlIIllIIlIIllIIlIlIIIIIIIIIIlllIIlIllIIIlIlIllIllIlIlIlIlIllIlIllIlllIIllIlIllIlIIlllIIIIIlIlI.jar
Filesize
16KB

MD5
b50e2c75f5f0e1094e997de8a2a2d0ca

SHA1
d789eb689c091536ea6a01764bada387841264cb

SHA256
cf4068ebb5ecd47adec92afba943aea4eb2fee40871330d064b69770cccb9e23

SHA512
57d8ac613805edada6aeba7b55417fd7d41c93913c56c4c2c1a8e8a28bbb7a05aade6e02b70a798a078dc3c747967da242c6922b342209874f3caf7312670cb0

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IlIlIIIIIIlIIIIIIllIlIIlIllIllIlIIIlIllllIlIlllIIlIIllIllIIlIlllIIIllllIlIllIIIIIIIIIlIIlIllIIllIIlIllIIIIlIIllIllllIlIl.jar
Filesize
2.3MB

MD5
6316f84bc78d40b138dab1adc978ca5d

SHA1
b12ea05331ad89a9b09937367ebc20421f17b9ff

SHA256
d637e3326f87a173abd5f51ac98906a3237b9e511d07d31d6aafcf43f33dac17

SHA512
1cdca01ed9c2bc607207c8c51f4b532f4153e94b3846308332eccae25f9c5fddf8279e3063f44a75dd43d696eab0f9f340f9bf2f3ec805ab0f2f1de5135a426c

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IllIIIIIIIlllIIIlIlIllIIIIIllIllIlIIlIllIlIIlIllIIlIlIlIlllllllIIlllllllIIlIIIlIlIlIIlIllllIlllIIllllIIlllllIllIIIlIlIlI.jar
Filesize
103KB

MD5
b47c87129ff035cbf60ad5fd15b9ce32

SHA1
8819ba0dbd3f9f2df2a3b18554d31386925dcabe

SHA256
c25b377d6776b3c6c538340cae263c4c3dea7c4f94961bbe323ff79c569fce3c

SHA512
d022b363dc6e4e183ae6ea44b5019d088bddf63b4f85ce4676775388c76df01e3e8a63a0ca03f0e4f1191c121a28393a5da47cd7dc05d84d12722f4835909cd6

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IllIIIIIIlIIIIIlIllIIIIlIlIIIIlIIllIIllIIlIlllIlIlIlIIIlllllIlllIllIIIlllllIlIlIlIlllIlIIllIlIIlIlIIllIlIIllIlIlIIIlIIIl.jar
Filesize
31KB

MD5
6c7ed18ba835a47b32bac14d83c90bc1

SHA1
6a8237ae3f6cccd788aa47b2ecc22f580e810a01

SHA256
7f2f1bbfad38be1382913af2b7c2622470fa3af976fbd1f386c189af8ad136fa

SHA512
9670ede560347dffbbb0761e2de817ddbc426daa0fd97a53b1fd3c8a031dd6d5c2b0c6cebb21d1dffd23b45e504895736634939f75c39c48d580542ccd7ea66c

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\IlllIIlllllIIllIIIlIIlIlIlIllllIlllIllllIIIIIlIllIIIIllIIlllIllIlIlIlIIIIllIllIIllllllIllIIlllIIIlIllllIlIllIIIIIIIIlIll.jar
Filesize
19KB

MD5
0a79304556a1289aa9e6213f574f3b08

SHA1
7ee3bde3b1777bf65d4f62ce33295556223a26cd

SHA256
434e57fffc7df0b725c1d95cabafdcdb83858ccb3e5e728a74d3cf33a0ca9c79

SHA512
1560703d0c162d73c99cef9e8ddc050362e45209cc8dea6a34a49e2b6f99aae462eae27ba026bdb29433952b6696896bb96998a0f6ac0a3c1dbbb2f6ebc26a7e

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\lIIIIIIllIllllllIIlllIlIIIIlIIllllIIIIIIIIllIIIIIlIIIIIIIlllIIIIIIlIIIlIlIlIlIlIllIllIlIllIlIlIIllIlIIIIlllIllIIllIIlIIl.jar
Filesize
12KB

MD5
3e5e8cccff7ff343cbfe22588e569256

SHA1
66756daa182672bff27e453eed585325d8cc2a7a

SHA256
0f26584763ef1c5ec07d1f310f0b6504bc17732f04e37f4eb101338803be0dc4

SHA512
8ea5f31e25c3c48ee21c51abe9146ee2a270d603788ec47176c16acac15dad608eef4fa8ca0f34a1bbc6475c29e348bd62b0328e73d2e1071aaa745818867522

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\lIIlIIlllIIIIIIlllIllIIIlIlIllIlllIlIllIllllIllIIIlIlIIIlIllIllIIlllIlllllIIIlIIlIIlIIIlIlllIIllIIIIlllIIIIlIIlllIlllllI.jar
Filesize
250KB

MD5
fe734f7ab030363362fe3d3ba5e8f913

SHA1
2e9d54e3b410557c51c3ea101d66efbb5266b80a

SHA256
03ead999502aefbf1380bd2e9c4a407acb7a92a7b2fe61f6995aba3fca85efd4

SHA512
303ecea5f3f1130f473cde0d78270090290b6f13311bf7459282257ac3097b2b6086db461183f2d8c97a9101372155bf59bbfa12a74925136d0a2a615b648b2a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\lIlllIIlIIlllIIllIIIlIIIIIlIlIlIIIIlIllIIlllIlllIllIlllIlIlIlllIIllIIllIIIlIllIIIlllIlllllIlIlIIlIIIIIllllIlIllIIllIllII.jar
Filesize
11.1MB

MD5
2dcf906085da2edec6170e8c0c612101

SHA1
71c88008e76cbf155edcf47bab2a640a23d9fce8

SHA256
5b754ac8c7642967cd79034d6f8640b938aa4ee41927bfc65481f1f0d1d4134b

SHA512
626f16064492110601e2c1d55d2c126977efabda4f15a6ad8e9f865eac3ac56cb22a5bc2c32502414604b197a17a809f4655c6648955c4e445b8c501d913123a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\lIllllIllIlIIlIlIlllIIIllIIIIlIIllIllllIIlIIIIIlIIIlIIIIIIIIIIIIIIllIllIIlIlIlIlllllIlllllIIIIIIlIlIIIlIIllllIlIIIlIlllI.jar
Filesize
226KB

MD5
5134a2350f58890ffb9db0b40047195d

SHA1
751f548c85fa49f330cecbb1875893f971b33c4e

SHA256
2d43eb5ea9e133d2ee2405cc14f5ee08951b8361302fdd93494a3a997b508d32

SHA512
c3cdaf66a99e6336abc80ff23374f6b62ac95ab2ae874c9075805e91d849b18e3f620cc202b4978fc92b73d98de96089c8714b1dd096b2ae1958cfa085715f7a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\lIlllllIIlIllIllllIIIIlIIlIIIIIllIlllIIlIIllIllIIIlIIlllIllIIlllIIIlllIllllllllllIlIIIlIIlIllIIllIlllIlIlIIIIIIlllllIIlI.jar
Filesize
16KB

MD5
fde38932b12fc063451af6613d4470cc

SHA1
bc08c114681a3afc05fb8c0470776c3eae2eefeb

SHA256
9967ea3c3d1aee8db5a723f714fba38d2fc26d8553435ab0e1d4e123cd211830

SHA512
0f211f81101ced5fff466f2aab0e6c807bb18b23bc4928fe664c60653c99fa81b34edf5835fcc3affb34b0df1fa61c73a621df41355e4d82131f94fcc0b0e839

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\llIIIlllIIIllIIIIllIllIIlIIIlIllIlIIIIlIlIlIIllIIIlIIIlIIlllIIlIlIIIlIllllIIIIlIllIllllIlllIIlIIIIllIlIlIIlIIIllllllllIl.jar
Filesize
549KB

MD5
55b846c68a6cbaa2344342d8d7f0c779

SHA1
cb82af503d6d515a9fac3ec6adfb5a1a36eb6e46

SHA256
bb3bde3c3729767432620b0e865dbc1b517132ce3dbfd69a817f2bc617ff031f

SHA512
16a04125f44c0844dc7b39b13aef6ce4006e0c97a8f2b3ca160e2f623f5e4a9f439862270cb4cd8be80a5766c69fda0ca454c50310e5a579abfdf976b4b030a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\llIlIlIIIIIIllIllIIllIIlIlIlIllIIlllllIIlIIIIlIIIIIllIlIlIIIlIlIllllIlIlllIIlllIllIIIlIllllIIIllllIlllllIIIIIIllIlIIlIIl.jar
Filesize
19KB

MD5
fc6a26acdce0acd2d56904e17bc79f0e

SHA1
2e63d25e9ac5ac594e6b66103b88a0b8228a4dbe

SHA256
2759150bc72303fe10e6dfab84087a77bafa22af97b4f4760f4466d96adca806

SHA512
3f74f96b9ebb51c5d2237585eba0a838a4f601a9af8260cbe2ee68b9c321fb7aaf90f91506df133f873952d9ca5064ceacbf39fef8bfa0457c6e7b716fe1223c

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\llIlIlIIlllIllIlllIlIIIlIIIIlllIIIllIllllIIIIIIIIlllIlIIlllIIllIIllIlIIIllIIIIlIIlIllllIlIlllIllIIIIlIIlllIlIlIllIIlIllI.jar
Filesize
50KB

MD5
d093f94c050d5900795de8149cb84817

SHA1
54058dda5c9e66a22074590072c8a48559bba1fb

SHA256
4bec0794a0d69debe2f955bf495ea7c0858ad84cb0d2d549cacb82e70c060cba

SHA512
3faaa415fba5745298981014d0042e8e01850fccaac22f92469765fd8c56b920da877ff3138a629242d9c52e270e7e2ce89e7c69f6902859f48ea0359842e2fb

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\lib\llIlIllIllIllIlIlllIlllIIIllllllIlIIlIllIlIlIlllIllIIIIIlllIIlIIlIllllIIIlllIllIIlIIIIIIlIlIIllIIIIlIlllIllIIlIlllIIIllI.jar
Filesize
262KB

MD5
cf99a6b63f45f7f20963e43b55766d26

SHA1
9e2f86dff86eb065fb6fcf776da8b148ebb21e60

SHA256
e29ee818b2e7ef9fb3ebae9a49a3d6613f18ea2b756a305eecf8a7fe083d1972

SHA512
af7302d350d45837e207dcc91bd95e5891b62f19c682a7443d65feeee0aa6f3d0040c9a67a990cd9a81dfc6b899ffabbb01b44bda830d5bb48332419e2b65930

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Audio_native.plg
Filesize
134B

MD5
8ac7b72bc99bf0963d72f1e6f5cb3daf

SHA1
bdb16c87ae2ec6e3a029f5317816a70ddade3857

SHA256
90aef04ca6ae7221a44b45e50d8a9a9e1bff6e4ed17c5883fe0c6560c8db5206

SHA512
3958443b7e73135b310db53bc7cd4da871ce3ddcce0fbad5c77405f36af38474e50ee3d4748bec2e7b1207b36b5a3695ab1006fc37071bb28ad8e32b59dab6bb

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Audio_native\configuration.json
Filesize
154B

MD5
27b29dfa53c8bdc9112efc58149ad8ca

SHA1
739e9d401e13aebb90f30af0c090a115ca10849d

SHA256
0e70b651580562952f265ad855607c9b118492aa4abaa52d995bc0b10c1ed603

SHA512
08bbee207c35880ce818b422af2f8847c6ba1ee0360bb947e141e8ae2a12c1e2fb0aaca0a63c99a705b01d7c482d2277d7740754195ae2ac69f0be39ec9ccb08

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Autorun_native.plg
Filesize
120B

MD5
a3a068663e768c251433ae27ff6b1267

SHA1
414e98bee4fdfefa632681cea326f75656fb1502

SHA256
6507b86f8289eb0649bdfac6303d7101c266731556c40b35944932519216b5c3

SHA512
da5c4a737896e6e2891e757a1dedad0a82d28c84a41c8299c1e225d85c02410ae9bfe53f2da8797d4d44aa61da42c94f39bf312c3c59014b5e51975e63e95121

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Autorun_native\configuration.json
Filesize
177B

MD5
25f49a2d7ccbbf6dc38aa096d300fb96

SHA1
0613a4747d39ded5a679f79dd5083da36a85dd3f

SHA256
355bd7c67cd14e4f2e687aef644eb33deb3b52b8502a6a9622c06067d8a5885c

SHA512
9a8485d9e564e0e9dd507f525fbe7fc80e2f9436e2371ccdb71b4cc99df5218d6889423e53f10cf73a26aa20c96ce48257a66bb1b60614541ac1d5190cba0069

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\BrowsersStealer_native.plg
Filesize
146B

MD5
c961b23e2ea7ae8b9ef0dbbf89858828

SHA1
4abf9cac5fd6b4921a46e14e7a4572a50b88c430

SHA256
b3ffa55519f1c9c57c7d712aff8e9c52b06c5b9dfab1fc6113a79b734ba5a211

SHA512
f818449a12c20132c28309cb6c7301847e8d27544966038915ee5d5dd2f391cf29a0a47c4f9da3ecfc126337bbf63fe82cd511b2887cc8dfa291718bf62e7643

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\BrowsersStealer_native\configuration.json
Filesize
164B

MD5
a6bf5267dc19edb590fe2f3f3b22181d

SHA1
939974f8abfc21d5130902e85a35e6be9a7c78d1

SHA256
86d09d372465eabb63483cf983455efcdfac168d40f401ea4699db05f0cf1d96

SHA512
2a10d9611abc6b26a9c2abd2312578adc75704159327c33ea4026ad0342b3dd2ddd2f809b7b1619704887797f7241a14b558c32e8d5532b1212cc0e424014703

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\CMD_native.plg
Filesize
128B

MD5
4629063bdef75a733472882f7d043118

SHA1
37c017a596e97d2cb8a854cb9dffa62ee151053e

SHA256
6a251d511466b148dffaa608afd752399eed02a79fc6e1c9ee305d1aec473781

SHA512
2fa246addeaf31f09c22cf9ebbbd852317167276832908f85d300dd0a1dcca2c962cd40f1c95fc085278e86bf8bcb2f40892f76e59c3e9a84ea7130ef81f9528

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\CMD_native\configuration.json
Filesize
152B

MD5
3df4e2d044af857fab8bdb9c46a565e4

SHA1
f5dbdeb6c1e8c5fd6a7019dc1c60bd197ec80db0

SHA256
676a72640659bd910f3a0764695a27f47648bb47a52c82d17672dbac2caba65d

SHA512
73dcabb1e4bb60b6f92052144b4d1fe06a5a095df9a6b82186fa7c3732869f4cb2d10668d2f3625e457b7b9dc27c884dc90d89e9f74bea32bfdfe5d943c5d127

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Chat_native.plg
Filesize
131B

MD5
784309ece3edf0be434916dbe3ef827e

SHA1
ac618954e4c98897b03508b2b5eb94704325ac75

SHA256
39b1a342bd729c5e7a9fc38485c1a34b223840b16c55da51dd6119b0b9859f64

SHA512
65cf0f23f8a5496eb57ef08cdfab5c1162c10cf18ee6bb7478a5e742a34794bff7d963cfdf5aa047657c1934dcc876fd7add217db9e9c511d61fd2f5b1edd8b0

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Chat_native\configuration.json
Filesize
153B

MD5
78fe0b20fb0683bc13739513cf826f2f

SHA1
2afa83e9ff6495260ccc27829e8539762c8de3ea

SHA256
2d5abb9269144f96a3126aa02ad5a5108989e83583f22acfcdbb1fb7319d5aa5

SHA512
9c1560e50723a09e1ab04cf922295bc7c180e1c35dae1089964ff94051b231af797897e3612ca5f24dd73247340e11ee4f20be506ab25afdf219e8fa67eb9bb1

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\ClientsStealer_native.plg
Filesize
143B

MD5
e8e671b4d9266af293efd3dc106b1a6d

SHA1
cef9ff0b5b23767a049062c1b18fbeeb60250f56

SHA256
3048fee32fd98c549f3568f14dd9985c776dfde3f6dfd4772c74f05a7212835e

SHA512
3e4f8e3afb018e2fee400b56ae7310a87b2ccd141fbb5d5f7c2a6e9b3f69d1a0a1bf12a3bb7c7633fca7215e4f8238f50d07fd60d7fb0cc0a14d6d14678653fa

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\ClientsStealer_native\configuration.json
Filesize
163B

MD5
d3b2e0627432012083215387f96d9ef9

SHA1
207ab0e6d4bac1a996a1ba327c5153527729cd0e

SHA256
cb9a59527f96f79a509b9c2ce18ed4dca46656f225add8148d81005f85e4b8c8

SHA512
a112539e8ff035cc558532f51a854cdfbb3ac65ca0819639129d337d3d2577c20234634b3bb6e09cc737a43a7c36f1c75756a6e87e26ede951052b3926b10d3f

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Code_native.plg
Filesize
131B

MD5
f085b0bbe5365f543baff07b40713274

SHA1
f16346d8a880ee61386af264107320b6f917cf62

SHA256
7bb29808fe64c6c36904aad6439b23291ce12c8cc45bcaa7be5942c7062e1fe8

SHA512
222c4dbdb3681a23b2ce94b88dc40213f60a1a48691b0253fbbc12d1114f8121080e8f07864de9915e35560f14700ec53200a304726559db39a0453e9a937c3c

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Code_native\configuration.json
Filesize
153B

MD5
64114564fd2ac6a6715f16ed470345b6

SHA1
ecabc2a7ddcb0230bec547c118a252a05a9780ec

SHA256
23b8f658205d40e7d04ef1a2089466de1bc80ab5a336b6953551f7ed29370c17

SHA512
267d396ae26d4de8c573b52fdeb2ec82977ba8918b1c14aadd53a2567c61f759bffea417bebe4e4ca9d8c70933ac95b3bb594383154d373e6cc78927f30d6272

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Common_native.plg
Filesize
137B

MD5
7a38e79f706f9169e4f842e7d58c60ac

SHA1
9eee0de07688701618d4bf60543816683a74dcf8

SHA256
deb95e89516c7cb405f20cd83e74b58b2b31f1ab3c062e2b3b4529618ed3b122

SHA512
4bf57bc8d4b8b34db49b18fb09c1c42a0406a3ca1fea4390a873af8bd2ebedd6d1d993d6921b76bc52ccf47a2428a2a20f7918691259683c18d6c4edcf5b1efd

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Common_native\configuration.json
Filesize
155B

MD5
95089808e2bc839604c455731996f8e0

SHA1
63528ba2da349a9412aa4ad6f9a657d3c6c4165a

SHA256
9798a0842677c687c4eb35d84a95ae34224e7bff0462a7361769e02360b01d2e

SHA512
195fb5dd62bebba1cb61f34bf87ac61b3c0931f302ecc85fa10e99932edea9f928f930564b8407b6b8ac6e3d5c5b6b709a9ad09ac047ceb967f7f88c4c90e037

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Common_native\icon.png
Filesize
2KB

MD5
a8e72c0e27750ce36da3110126c38afe

SHA1
e96bc3555f8ed8e715af94d492965b4e6597563c

SHA256
a4f7e5adde35c1979fbf2cc44b37e2907ec963468443e34262b207dd3dab81b8

SHA512
e43e2c6abb6006c783331cb8b0e290560bb65f7cfd0e113bbddb31a6978aee31fb39a2b22b38ef83f27d512152329d066bc270e640e8900b2746a2a4e0b4dd48

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\FileManager_native.plg
Filesize
154B

MD5
8a1c44ece7e46eaca58e3ad2767f2fe3

SHA1
f70447ee75ed7d218654aaf0f085561209352db2

SHA256
88f3b5540e2ad220225894955e6cf05d4c46ece38c67b597e46f9ad3924f4fba

SHA512
4815f3464c53dc8a9b8f04dba10005b180809579af31c0f3681492b9d87ca4937c91719fe9296bbc19c149adaf4b84c4022af18cfc1e0b533122efffc39bdf09

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\FileManager_native\configuration.json
Filesize
160B

MD5
761e69e04cf0019bb57409cbeebec0bb

SHA1
4dfde249c9deca8dbc84162df71a9789d12eb87c

SHA256
f5ea910df747890070605afbdf0bc582001d7eace14187a4809b9c73feb10f3e

SHA512
4983b8f8243d4acb6cc03f44b585cf12c86b6bd34df3b176c44cff64d9757ba6278d221edb970d27aea5910a831743b9a94b08e3ebc554b7ebaaaaa383392e2a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Fun_native.plg
Filesize
128B

MD5
0bee4971d216e821978d17e011c12b77

SHA1
6174992174087a26d3956a9aa4a171b229e2128f

SHA256
a9c1ad17732a655b559ff069442c8c850a46ab5e29470e20588e52f75074311c

SHA512
661c1241b2da849a4509bfb62b16b50bfe8c94d5e769e65076de46420ae2e7c66c4dc7a883b4a232aba629fd2a4c59338f2e1578cd0a67dd55044d6d6ee51540

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Fun_native\configuration.json
Filesize
152B

MD5
143816a3ed0fa2d30b0a80ce6c785de0

SHA1
a7068228cbfb78ddaa490000b1bb9f363176d592

SHA256
7585f3b80568c39c79e9dc7ee8e799e6d375f14e2e266751a4cfcc88aaf7676b

SHA512
c32c6b9ff9d91b8688eeb942c4c333b2bcad417dd3a3fcb1328240ee2e18b6e2bba44fb8dc9a463853ca9b290a90c1e739d34a1e775e86bab632d4398fd47a0a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\HiddenRemoteDesktop_native.plg
Filesize
180B

MD5
5524b5d071453819ad18cf0d73a23ac6

SHA1
a6ba215d8fab4187e61630889cc2cee9b64167f3

SHA256
790bbd40fbe0e4c223ab96200c8f34489728c11256d6676fadaa237a0c4db46d

SHA512
55d958c781c708977fa0d7999abfc625cfb510b2c6c75aa4da51fcc42361d75914241e667cc7e178d8c519ff36c88f23ec404881100c844331d539e5f35e978c

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\HiddenRemoteDesktop_native\configuration.json
Filesize
168B

MD5
62e513368fcaa6ad41fe9bce46e6724f

SHA1
ab9afba8b9496120891f839a4c6d43dde9e59b08

SHA256
9f2f2d2e74c4fd2ed1a309ff6613ece4ca54e6c12aa8b85b0e63b7433cf4a995

SHA512
ef103ab652783ffc75e37e56325ca09e7f1c12fe5a0a2c284df09dfa6edffb9139bab0a4356d0cc41ea166d0bba5c9ec1b4a02ed0d2f41850b463e6f86295e44

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Keylogger_native.plg
Filesize
146B

MD5
8d480f70931ffa64916b6828a91cd312

SHA1
bcf2ad3662e563525306366cb08a11cd9b1d7df0

SHA256
2d4d4af0b0d0a9e1e241c96ffd37b12adef8516496d3387c113a4ae7dd71f89d

SHA512
8f153daa4c7073f8302ecd5149ce30929f4afc15282df0903af11bc36c3b49cd2f1f9353c1c979c74629798f9b7525359dbf3d8323b36688255603a71f27f4c5

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Keylogger_native\configuration.json
Filesize
181B

MD5
9fcb27cd2d0a268b70255be76add3ec6

SHA1
6dca6cee2d15db96be7f06cd187f6c0d7a2fc4ff

SHA256
8f5ac8861d93d980398f809d364521cce59e4605996d4f2488715dbac25043bb

SHA512
39520e2007cee7cfafd5f1ae8a6f9db7e1d77748c716284d81d8f9af8d95d4a41bb6bc5a59c325f8a7addfa2d39f01e8f6d0663e57d838b072405782f92ca639

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Memory_ProcessManager_native.plg
Filesize
168B

MD5
299af9430ecc018b632712127b686b2b

SHA1
cc3d5000a6f5083c33525d0e678aff3fbf248550

SHA256
f92279d02d1f42a3cbac6b9b479297edc393c45b901c9372629c7e0657064ae1

SHA512
74d119ad5ff845ee49e71ea25c197e86b56174c17f2762540f02bd2796b243d286c100c3593421d5cef58e87904e1439366de6934ce168a09e50ac653980253f

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\Memory_ProcessManager_native\configuration.json
Filesize
170B

MD5
e4794de4dd0d9e0d070f8b8defa73293

SHA1
e48a6849197a66ce4a57ab431960241739b2bc3a

SHA256
dc9e85b340916fe2e89689d9079f3279cdf3df0aae215a66f21158755acaf879

SHA512
d3daf563de14286e7eac9ebedf605818794d621dae8c50d45c139ae82caff57a7b7d213954a43d3bdc736641fa8a23eb39073cc4f36e6cfb2cf4d3b63aca84a2

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\ProcessManager_native.plg
Filesize
163B

MD5
bc69b495a90880a950878097536a1fed

SHA1
612d5650dd422a8aae09dcce49a425549cb3861b

SHA256
0387e1fd8d122cda1907edc8114d4f2a8e7709d8063e034684ac0192918eb832

SHA512
89a407cb213216733d369015ac6d1dc10f18f87fe068d0a55612ec94b3436b94b0d37b24db0fdd499a8cc76d6abb1206af34756791c6181cd0b5c50a4130a27b

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\ProcessManager_native\configuration.json
Filesize
163B

MD5
5cdd20af1cc278e52eea60e71b50b7b4

SHA1
87e0990f778ee46fb22ef8a6cc42aea07746ef0f

SHA256
286919364fa8f0f0c5e9da0206edf743248c9093244521e260ac669235731b3d

SHA512
a7f6a971e329b41eb8bbf02f27e1d5ab783adbc84dfbeb62c603d442527d444a5fa0a17032eab83a7008cb7b15d7452c69ba59cf54f421de92d4f5b03b4d512a

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\RegistryManager_native.plg
Filesize
166B

MD5
d0ca605280d619806aa57821bef52379

SHA1
5ad70c1487f51b2b26fc9b8451af8180c0698d29

SHA256
12744219943793ee71350fbf5736d99e326a832185302e7c06d5c1d0f0cd47b2

SHA512
10d4f6d0ab440f104252eb6080f112c8f55fad73f368396d372458b4e80716befae8878210e9f5ebef0bb079920c07bd40018ceeeb401343aee2fdafe79c3134

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\RegistryManager_native\configuration.json
Filesize
164B

MD5
84d80db90b2494543faa37cdd426ad1c

SHA1
e4253b5465b54ec163fab312ef45e680832e8647

SHA256
5f5db99f967edb7cd6be410776df0c32652956c225075b189b839795c57353e4

SHA512
497874a67d299b0d65797d11331d8303d0dca923f6b1c88905d79bbe362393ad2babea832dcc3fa2783ac25fcbf49d1ac26145029c64faaf0ab1ba6ed9c0e2c2

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\RemoteDesktop_native.plg
Filesize
160B

MD5
89806843d8c12f0d156ce7afa9a253cd

SHA1
7a231e342b4e067bfb4ab62cca78eb9366718b61

SHA256
1b0ea9a2938bb443a9913c6503134f6097d65d9a84d73f2bc7014b4c21ae30c6

SHA512
c85449e719cf33af421dc0428fda94662cea2027261c82adc66a96df6b9946e805e080610726d171b2fbe2c9ed4ac3fea50a3f0e9b5af5ac770e6d063bc92536

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\RemoteDesktop_native\configuration.json
Filesize
162B

MD5
23db1a413d493fc7a873009986fc831b

SHA1
acd8e3d4cbf318fc8a479ae53a75a976810b192a

SHA256
a86e5d6d488b70c2ffccead84a20f281518d0158e0a39385253e1b65242bb4d1

SHA512
e4cbbfdadd689815b9f79d482322795f5c6c7721ed54dcac5dd4e93b3dc0cbbff50327f8b0c04895679fa4d442c443d3d55585981694897204473993498123e0

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\RotateScreen_Fun_native.plg
Filesize
165B

MD5
ed386a4199bd085809cec33ca9d48c25

SHA1
85e41a72f1376e627bd5cb5dd2e6dd723a967667

SHA256
f5c74e3aae36a776fe7b6b9613c2e98a88c20346bae80dd17c1beec0e4758fd9

SHA512
8c54f2495e0a0b5165d72f500458f2b805278f17206c7d7abc24dbe50de1e07ddd8bc0d7a7e197fcaf92ce93983869f10d59689c893038e0368642a01a750b50

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\RotateScreen_Fun_native\configuration.json
Filesize
165B

MD5
34ed12d3ad63f86a1741ca97daa1efaa

SHA1
7c9fd7bf572a987badd274fe682f6351442084fc

SHA256
e9274b57ade10e5c4e10bc6c2b3247ebb8f165293ddd8382076358dcb0e17f34

SHA512
49fa9a877254b28d8de120788bb4ccfba8605709b388f9db3ba5ec22d6b7e9657e5fcf5553dbea18b8afd2597e1ca6269aed1915542dccb398d6eb4acb9a6546

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\StartupManager_native.plg
Filesize
163B

MD5
0e98be7f7e0cbbf3d06a2f19d4875ff3

SHA1
a7e0b43669353d402d5839f525442b2f0ac6d14e

SHA256
24082a2840cd8983e69d8faf3e003a10cc291e086156da6d16887fb69010d438

SHA512
08957cb0a28ac06f71a197b5cdc35301c05a2a20499f784d4cbb53fd5b6f9cc15dbe0a35514471f0c89dff1c3eafc22281adfe3c3face45cd86afca6e04b7559

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\StartupManager_native\configuration.json
Filesize
163B

MD5
f1efafc6917dfb0a8ccb0dd16270de78

SHA1
6a7dc5fb72fec56c3f814676cf4b00be0d3e5c95

SHA256
3ac8c0822d548a3612a258528157b372fe4ad8abe19059e18fb47cdbeca3d1be

SHA512
8d29c01833b0e663e53e70e9fae36acc31c5035bf88bfdd0d95af9af63e9e348440ee68fc6aab1ac46e5288be235a5189e8574571b9bd88089aa3020d13bff86

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\SystemInformation_native.plg
Filesize
152B

MD5
e66581fc085dec3f06d9093cd349ea2e

SHA1
6f2ad63d2026f94339b28b1b6d7fe95a152e815f

SHA256
70a3f9a63897b5590e37f9a228a02c91eb0f687e933721ff8120ae90bd72d22e

SHA512
0a5caa55ca96e6037e97074767907fa0d742792f749e8d9cebc6938fb83aa0da18efab02fb472b1ccb3972f502a98f74c020bd6373f8cdbadb7f89752f416c50

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\plugins\SystemInformation_native\configuration.json
Filesize
166B

MD5
9dbcab1acf1c2c4fbacd2d2aa1603a6d

SHA1
4a100731e7d5f36e785b3d3012ddd54c580963ba

SHA256
714f16f56bd047792d944eb7e1cc0abf43861344dcdea2816b528b3c51e32175

SHA512
6a787dcfc71d0b006f934e1b740a1622f5d76ce108cc9dd5aeb6ae1fcc657c00f3ec1ae66dfa7b9276a4fa2e37e091e860b25867830c11500e7edd29fc9845e6

Download Submit
C:\Users\Admin\AppData\Local\Temp\newdcnyash\settings.ccdb
Filesize
2KB

MD5
f0a12e9ea186d85e43da75ea61891856

SHA1
4b6fb6df2c399d90f5975ef748317425f9504e9d

SHA256
21c40cca98b825279eb521efa45e08481f9df02b0192c9543eb4d915f9988b79

SHA512
2b58fc6038e1849374fb3da8fd32b96841767de1b8274253e391cb09570a5cd6c4b704a16c0a4c83ba8d45bf271fa89105127bb404e6e8f91b83afbab7899bc4

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-1300643590-245460719-3687711119-1000\83aa4cc77f591dfc2374580bbd95f6ba_1f5b68c8-aebf-47e2-bea6-9b9db0c2bdc1
Filesize
45B

MD5
c8366ae350e7019aefc9d1e6e6a498c6

SHA1
5731d8a3e6568a5f2dfbbc87e3db9637df280b61

SHA256
11e6aca8e682c046c83b721eeb5c72c5ef03cb5936c60df6f4993511ddc61238

SHA512
33c980d5a638bfc791de291ebf4b6d263b384247ab27f261a54025108f2f85374b579a026e545f81395736dd40fa4696f2163ca17640dd47f1c42bc9971b18cd

Download Submit
memory/1380-0-0x0000000000400000-0x0000000000423000-memory.dmp

Filesize
140KB

Download
memory/1784-93-0x0000027863450000-0x0000027863460000-memory.dmp

Filesize
64KB

Download
memory/1784-107-0x00000278633F0000-0x0000027863400000-memory.dmp

Filesize
64KB

Download
memory/1784-129-0x0000027863440000-0x0000027863450000-memory.dmp

Filesize
64KB

Download
memory/1784-134-0x0000027863520000-0x0000027863530000-memory.dmp

Filesize
64KB

Download
memory/1784-133-0x0000027863450000-0x0000027863460000-memory.dmp

Filesize
64KB

Download
memory/1784-138-0x0000027863530000-0x0000027863540000-memory.dmp

Filesize
64KB

Download
memory/1784-137-0x0000027863470000-0x0000027863480000-memory.dmp

Filesize
64KB

Download
memory/1784-136-0x0000027863460000-0x0000027863470000-memory.dmp

Filesize
64KB

Download
memory/1784-141-0x0000027863480000-0x0000027863490000-memory.dmp

Filesize
64KB

Download
memory/1784-142-0x0000027863540000-0x0000027863550000-memory.dmp

Filesize
64KB

Download
memory/1784-145-0x0000027863550000-0x0000027863560000-memory.dmp

Filesize
64KB

Download
memory/1784-144-0x0000027863490000-0x00000278634A0000-memory.dmp

Filesize
64KB

Download
memory/1784-146-0x00000278634A0000-0x00000278634B0000-memory.dmp

Filesize
64KB

Download
memory/1784-147-0x0000027863560000-0x0000027863570000-memory.dmp

Filesize
64KB

Download
memory/1784-153-0x0000027863580000-0x0000027863590000-memory.dmp

Filesize
64KB

Download
memory/1784-157-0x00000278634C0000-0x00000278634D0000-memory.dmp

Filesize
64KB

Download
memory/1784-162-0x00000278635C0000-0x00000278635D0000-memory.dmp

Filesize
64KB

Download
memory/1784-161-0x00000278635B0000-0x00000278635C0000-memory.dmp

Filesize
64KB

Download
memory/1784-160-0x00000278635A0000-0x00000278635B0000-memory.dmp

Filesize
64KB

Download
memory/1784-171-0x0000027863600000-0x0000027863610000-memory.dmp

Filesize
64KB

Download
memory/1784-170-0x00000278635F0000-0x0000027863600000-memory.dmp

Filesize
64KB

Download
memory/1784-169-0x00000278635D0000-0x00000278635E0000-memory.dmp

Filesize
64KB

Download
memory/1784-168-0x00000278635E0000-0x00000278635F0000-memory.dmp

Filesize
64KB

Download
memory/1784-167-0x00000278634E0000-0x00000278634F0000-memory.dmp

Filesize
64KB

Download
memory/1784-159-0x0000027863590000-0x00000278635A0000-memory.dmp

Filesize
64KB

Download
memory/1784-158-0x00000278634D0000-0x00000278634E0000-memory.dmp

Filesize
64KB

Download
memory/1784-152-0x0000027863570000-0x0000027863580000-memory.dmp

Filesize
64KB

Download
memory/1784-151-0x00000278634B0000-0x00000278634C0000-memory.dmp

Filesize
64KB

Download
memory/1784-174-0x0000027863610000-0x0000027863620000-memory.dmp

Filesize
64KB

Download
memory/1784-173-0x00000278634F0000-0x0000027863500000-memory.dmp

Filesize
64KB

Download
memory/1784-176-0x0000027863500000-0x0000027863510000-memory.dmp

Filesize
64KB

Download
memory/1784-177-0x0000027863510000-0x0000027863520000-memory.dmp

Filesize
64KB

Download
memory/1784-178-0x0000027863620000-0x0000027863630000-memory.dmp

Filesize
64KB

Download
memory/1784-181-0x0000027863520000-0x0000027863530000-memory.dmp

Filesize
64KB

Download
memory/1784-194-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-212-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-222-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-237-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-325-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-421-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-425-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-131-0x0000027863510000-0x0000027863520000-memory.dmp

Filesize
64KB

Download
memory/1784-511-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-515-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-518-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-126-0x00000278634F0000-0x0000027863500000-memory.dmp

Filesize
64KB

Download
memory/1784-3-0x0000027863050000-0x00000278632C0000-memory.dmp

Filesize
2.4MB

Download
memory/1784-125-0x0000027863430000-0x0000027863440000-memory.dmp

Filesize
64KB

Download
memory/1784-123-0x00000278634E0000-0x00000278634F0000-memory.dmp

Filesize
64KB

Download
memory/1784-122-0x0000027863420000-0x0000027863430000-memory.dmp

Filesize
64KB

Download
memory/1784-119-0x00000278634C0000-0x00000278634D0000-memory.dmp

Filesize
64KB

Download
memory/1784-120-0x00000278634D0000-0x00000278634E0000-memory.dmp

Filesize
64KB

Download
memory/1784-118-0x0000027863410000-0x0000027863420000-memory.dmp

Filesize
64KB

Download
memory/1784-111-0x0000027863400000-0x0000027863410000-memory.dmp

Filesize
64KB

Download
memory/1784-112-0x00000278634B0000-0x00000278634C0000-memory.dmp

Filesize
64KB

Download
memory/1784-130-0x0000027863500000-0x0000027863510000-memory.dmp

Filesize
64KB

Download
memory/1784-108-0x00000278634A0000-0x00000278634B0000-memory.dmp

Filesize
64KB

Download
memory/1784-106-0x0000027863490000-0x00000278634A0000-memory.dmp

Filesize
64KB

Download
memory/1784-105-0x00000278633E0000-0x00000278633F0000-memory.dmp

Filesize
64KB

Download
memory/1784-102-0x0000027863480000-0x0000027863490000-memory.dmp

Filesize
64KB

Download
memory/1784-100-0x00000278633C0000-0x00000278633D0000-memory.dmp

Filesize
64KB

Download
memory/1784-12-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-101-0x00000278633D0000-0x00000278633E0000-memory.dmp

Filesize
64KB

Download
memory/1784-97-0x0000027863460000-0x0000027863470000-memory.dmp

Filesize
64KB

Download
memory/1784-98-0x0000027863470000-0x0000027863480000-memory.dmp

Filesize
64KB

Download
memory/1784-14-0x00000278632C0000-0x00000278632D0000-memory.dmp

Filesize
64KB

Download
memory/1784-16-0x00000278632D0000-0x00000278632E0000-memory.dmp

Filesize
64KB

Download
memory/1784-96-0x00000278633B0000-0x00000278633C0000-memory.dmp

Filesize
64KB

Download
memory/1784-92-0x00000278633A0000-0x00000278633B0000-memory.dmp

Filesize
64KB

Download
memory/1784-90-0x0000027863030000-0x0000027863031000-memory.dmp

Filesize
4KB

Download
memory/1784-88-0x0000027863440000-0x0000027863450000-memory.dmp

Filesize
64KB

Download
memory/1784-87-0x0000027863390000-0x00000278633A0000-memory.dmp

Filesize
64KB

Download
memory/1784-84-0x0000027863380000-0x0000027863390000-memory.dmp

Filesize
64KB

Download
memory/1784-85-0x0000027863430000-0x0000027863440000-memory.dmp

Filesize
64KB

Download
memory/1784-83-0x0000027863420000-0x0000027863430000-memory.dmp

Filesize
64KB

Download
memory/1784-81-0x0000027863370000-0x0000027863380000-memory.dmp

Filesize
64KB

Download
memory/1784-75-0x0000027863360000-0x0000027863370000-memory.dmp

Filesize
64KB

Download
memory/1784-76-0x0000027863410000-0x0000027863420000-memory.dmp

Filesize
64KB

Download
memory/1784-68-0x00000278633F0000-0x0000027863400000-memory.dmp

Filesize
64KB

Download
memory/1784-72-0x0000027863400000-0x0000027863410000-memory.dmp

Filesize
64KB

Download
memory/1784-69-0x0000027863340000-0x0000027863350000-memory.dmp

Filesize
64KB

Download
memory/1784-70-0x0000027863350000-0x0000027863360000-memory.dmp

Filesize
64KB

Download
memory/1784-66-0x0000027863330000-0x0000027863340000-memory.dmp

Filesize
64KB

Download
memory/1784-67-0x00000278633E0000-0x00000278633F0000-memory.dmp

Filesize
64KB

Download
memory/1784-63-0x00000278633C0000-0x00000278633D0000-memory.dmp

Filesize
64KB

Download
memory/1784-64-0x00000278633D0000-0x00000278633E0000-memory.dmp

Filesize
64KB

Download
memory/1784-62-0x0000027863320000-0x0000027863330000-memory.dmp

Filesize
64KB

Download
memory/1784-57-0x0000027863310000-0x0000027863320000-memory.dmp

Filesize
64KB

Download
memory/1784-58-0x00000278633B0000-0x00000278633C0000-memory.dmp

Filesize
64KB

Download
memory/1784-54-0x0000027863300000-0x0000027863310000-memory.dmp

Filesize
64KB

Download
memory/1784-55-0x00000278633A0000-0x00000278633B0000-memory.dmp

Filesize
64KB

Download
memory/1784-51-0x00000278632F0000-0x0000027863300000-memory.dmp

Filesize
64KB

Download
memory/1784-52-0x0000027863390000-0x00000278633A0000-memory.dmp

Filesize
64KB

Download
memory/1784-48-0x00000278632E0000-0x00000278632F0000-memory.dmp

Filesize
64KB

Download
memory/1784-49-0x0000027863380000-0x0000027863390000-memory.dmp

Filesize
64KB

Download
memory/1784-39-0x0000027863050000-0x00000278632C0000-memory.dmp

Filesize
2.4MB

Download
memory/1784-41-0x0000027863350000-0x0000027863360000-memory.dmp

Filesize
64KB

Download
memory/1784-42-0x00000278632C0000-0x00000278632D0000-memory.dmp

Filesize
64KB

Download
memory/1784-46-0x00000278632D0000-0x00000278632E0000-memory.dmp

Filesize
64KB

Download
memory/1784-47-0x0000027863370000-0x0000027863380000-memory.dmp

Filesize
64KB

Download
memory/1784-43-0x0000027863360000-0x0000027863370000-memory.dmp

Filesize
64KB

Download
memory/1784-35-0x0000027863340000-0x0000027863350000-memory.dmp

Filesize
64KB

Download
memory/1784-33-0x0000027863330000-0x0000027863340000-memory.dmp

Filesize
64KB

Download
memory/1784-31-0x0000027863320000-0x0000027863330000-memory.dmp

Filesize
64KB

Download
memory/1784-29-0x0000027863310000-0x0000027863320000-memory.dmp

Filesize
64KB

Download
memory/1784-24-0x0000027863300000-0x0000027863310000-memory.dmp

Filesize
64KB

Download
memory/1784-21-0x00000278632F0000-0x0000027863300000-memory.dmp

Filesize
64KB

Download
memory/1784-19-0x00000278632E0000-0x00000278632F0000-memory.dmp

Filesize
64KB

Download
memory/2572-729-0x000001BB43A90000-0x000001BB43A91000-memory.dmp

Filesize
4KB

Download
memory/2572-684-0x000001BB43A90000-0x000001BB43A91000-memory.dmp

Filesize
4KB

Download
memory/2572-647-0x000001BB43A90000-0x000001BB43A91000-memory.dmp

Filesize
4KB

Download
memory/4464-521-0x0000000000400000-0x000000000041F000-memory.dmp

Filesize
124KB

Download