hxxps://google[.]com

max time kernel
104s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20230220-es
resource tags

arch:x64arch:x86image:win10v2004-20230220-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
12/03/2023, 12:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://google.com

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1013461898-3711306144-4198452673-1000\Control Panel\International\Geo\Nation	torbrowser-install-win64-12.0.3_ALL.exe

Executes dropped EXE 3 IoCs

pid	Process
484	torbrowser-install-win64-12.0.3_ALL.exe
3184	firefox.exe
2420	firefox.exe

Loads dropped DLL 12 IoCs

pid	Process
484	torbrowser-install-win64-12.0.3_ALL.exe
484	torbrowser-install-win64-12.0.3_ALL.exe
484	torbrowser-install-win64-12.0.3_ALL.exe
3184	firefox.exe
2420	firefox.exe
2420	firefox.exe
2420	firefox.exe
2420	firefox.exe
2420	firefox.exe
2420	firefox.exe
2420	firefox.exe
2420	firefox.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 3 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133231027941892917"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	torbrowser-install-win64-12.0.3_ALL.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe

Suspicious use of FindShellTrayWindow 54 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4616 wrote to memory of 4152	4616	chrome.exe	86
PID 4616 wrote to memory of 4152	4616	chrome.exe	86
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4852	4616	chrome.exe	88
PID 4616 wrote to memory of 4600	4616	chrome.exe	89
PID 4616 wrote to memory of 4600	4616	chrome.exe	89
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90
PID 4616 wrote to memory of 3264	4616	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://google.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ff888ca9758,0x7ff888ca9768,0x7ff888ca9778
  2⤵
  PID:4152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1780 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:2
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4540 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4840 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4908 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4980 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5824 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:2820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5648 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5100 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5844 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5236 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5860 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:8
  2⤵
  PID:404
- C:\Users\Admin\Downloads\torbrowser-install-win64-12.0.3_ALL.exe
  "C:\Users\Admin\Downloads\torbrowser-install-win64-12.0.3_ALL.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Loads dropped DLL
  - Modifies registry class
  PID:484
- - C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
    "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:3184
  - - C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
      "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Checks processor information in registry
      PID:2420
    - - C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
        
        "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="2420.0.61720897\2019014330" -parentBuildID 20230702040101 -prefsHandle 2020 -prefMapHandle 2032 -prefsLen 22722 -prefMapSize 228120 -win32kLockedDown -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - 2420 socket
        5⤵
        
        PID:3856
    - - C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
        
        "C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="2420.1.533621106\1743685543" -parentBuildID 20230702040101 -prefsHandle 2056 -prefMapHandle 2052 -prefsLen 23140 -prefMapSize 228120 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - 2420 gpu
        5⤵
        
        PID:624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=216 --field-trial-handle=1844,i,6994810003911644481,11264167210335540141,131072 /prefetch:2
  2⤵
  PID:4088

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3340

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
1⤵
PID:3632

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
28KB

MD5
a56d2548ef3804c5af23053aa2428c41

SHA1
55b2b9c57d6e7fd29fbcca7a67c70ff9da54f84e

SHA256
417e054e6b71cb8eae643f9f6a6a335f7ced70080f2245ab5fe8adae00e1c7d6

SHA512
0f60f6ac1e56370e746b896dc9dc7578a6837f3302d4b43a4b12522a848511ad98bdac0aa6f9d18bfd0cfe3c4d687e5c6ce6972f5a756f2a3c913d16b984f853

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
76dfb9568edada62619dcc1045cf1cf2

SHA1
2f3b2f897541de33d418199db796968abc8748df

SHA256
e712ce87eba2a122ff4bd0513cbda57d83b3f308c9dfdceceb8d232fddaa8166

SHA512
f830de9cab97385af4499003c593f654630a81daf98973f9e82816fbb056ff529aebe51e026b97cd1e9f2846d06d22a9eeed92989d0485f4a9801336cc3c3b92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
616538e70489d67af0317a77c2b45fae

SHA1
1269f2dde74513ba329e2e069ae714db465251af

SHA256
3dcf0fcc9a4525a8fe5d990f4f42d7e0002ec2c00d6033927bde13c95971f67e

SHA512
1b1d10e03b61df305b4cc56df46aa8aff3679288bd075d1765ed3b2536425ce964beac47a3e62743fd4269d75fed8d3091de9b2d5d466d12b98c3a6684c55cc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
875B

MD5
de9ed7bcb2e7ef0dc020d3d9e8f27f1d

SHA1
1849cf8f21933f3b3397d698f27222bc0eef7a43

SHA256
d8d2c97ed397ec24e975c7b03869072ff04035790803a5a9133eb60fa3941789

SHA512
e4930394f3f127e813e3112a6a391a25043c3bbf29f5e2b313e5f3c7c34fbe54ed4c70fb9b1018ffceb795fb1a00d25be39407dc8bbdb98336187bc0111cf794

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
093849eb1df21422ac8079f164175a8f

SHA1
329b9e5eb6c646f1e7e396873fb45745b33393b0

SHA256
aa3220e7160f35fabd11e64b4f516021d446fd882e8cf8625981923b3d42319f

SHA512
de601304d48131eacac286d2715e815de29ddfd6b88f9a43f523ff149abe0c29409233024682943c66028d6bbdee2fcc00623ba1fa97a57fa3cff5316f7f959f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8b6f5f807bccf8f82d5770b9f2134e57

SHA1
8c8a22a56089ffff26783c0e4fcd7babe0ea499e

SHA256
c456619550bc94e9c80392bae63b09b86b0c35486b49868932a0657604a97b81

SHA512
57c1d4d9b5c4344a779460d2378ed222bc2d83f816d18dd90eecc2c0bdbcefdd7c161efcb645bb6d36a1194211ac9ed80d35ac14068f079cbae39aa3c14e4395

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2a4f1bfffed18536e59e10cd25e1b915

SHA1
055bc0aa97f536045d98116d01afd2d79aa11d53

SHA256
6fd8c29c394c6d6fb601ff85b7a8e1f090591fac8c6c630200b35a07f032d1a4

SHA512
baca7d3b4d1cdd129bdb9e58ad1357fdafc7de190f7d814f2343529fe9e3a132b10850136243a3acf41ff5aa35524e20b6f648ec65176bd68c62ac244e492a70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c550bccadb322244c99213602e633df1

SHA1
5f3a1455304b387a6be92cf183a3b584f2906731

SHA256
1a565b5480df78abef28f618e8b833dd4f5576164d110f2e55a296b470aba338

SHA512
351d6da2358df9e98d334e6c602f90e413af6a701f99d30f5072659b4a39ef18b917a7ae2716beed3df7ce563f48875513df6989c22f9fba7e00c3cbd081547c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
768da04257f03be287d6b02572ddc38c

SHA1
b3478838cac8a243c60516db9c732b485f24aab4

SHA256
b0e296dd19c67318f96992ed95f3865b1c5c8bb9ee95b9bf6aa844007f997b50

SHA512
b34f8af37422a442397cbc44a385ae59d4902f64c946007177e232290d6080299c1eac787e470e9e9dddad41c91c5614d1bfc2863a15427d691c431e9cd86eb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
8867bdbafb4982432c2d9dc8db4f340e

SHA1
1ee112132b84a17b4bae16bf9eab37a0e3275b80

SHA256
0a071fd1e6f459ba507efc1daa2dedcbed7d598b5ae3935211b247cc4b45a1ab

SHA512
e43016930801d88636b3a3fec02a9b56cce6e2f4d51d3b4428482c68ed38d094e0008fa012b34baf4e183942301b444f299e717b7c914fb78b3357af16e251de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
143KB

MD5
3e79aff9d8618e317886e80d38dde041

SHA1
09d02021884c1dae34674e0f04289110b7d7c457

SHA256
6d363c69b77cac369883aad817bdf5c7df4691681ca66892fa6aee4d95ef6465

SHA512
371f0357e815a51812a620abec137b16fafc7715f1b483abb63a140f7abdd69c2f4dae9fb44212ba4639dff7eb59d46605bc4cbea65faa1948a7d49c4c05ece0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
115KB

MD5
c68473b3be111227aab246ed873438bb

SHA1
14f212f447fa30f940fe9a5a244f1b384122e169

SHA256
a32277c52dce06957289525ca641229b2c1a935099add42d8a95c3add722b971

SHA512
258a38eef413a191cad720197c6b76be3afb19c0debe97e8c8bbf516bddcb878615222a81cefc74b7570168b7cfc254c456318b7a85e9bb32d59b879167bb41a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe573b73.TMP

Filesize
107KB

MD5
94343ded89dca3b2a4e3419fab8e15ac

SHA1
26e7941f891261c5b10cd726cdd2eb34e3304346

SHA256
51c355b84cf22f20e2d73d6f85ec86d6f75aecdf2cf3144ac284b6fffb0e69e3

SHA512
678bf9d789fe8f37754f75cecb435bc92149555999fc768eaf7ac99929acc2c75a280073d48b934abdcf937eb0ae9d2d635471f77d88ba1fc358ed85dbf2b51d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133231029265934554.txt

Filesize
76KB

MD5
0398f779a496b659cec079c817e3e061

SHA1
8ec122a75cdedc8c3a66ffe5cb209a6a99a10914

SHA256
d1072231b009aa1690a449a91baa38e8fd31b18f6ce6f04a75b0a45080d376c2

SHA512
54ae2112d7ee942d78640f89e5f60feaa3e8c3f8be3c0dea37d666cc0fee9ffcb9e8d62de4df20ae591ac550139436d90d858db5b1d3a0f7a9c7a1248b484a2f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsr4C3D.tmp\LangDLL.dll

Filesize
8KB

MD5
a342d5a613dcf7e57e1f1a1bd4dda897

SHA1
5448bacb7ae79fc1a35624efd130be31ad914ed9

SHA256
58d4aec72eed0f5bfc6d0a292903a4019f406c00f5017ec29831ae35b108a72d

SHA512
5c9d3976cda336f59720584b2e5ade882a956485033ad14ce2038b04388f19daf2a379ef537ee327d36ddc24984d6fc3be4d51f75f73fcb62c1f214561c45b2d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsr4C3D.tmp\System.dll

Filesize
25KB

MD5
a6797f5ba3cc8c13da1c4c374bee9788

SHA1
6e085737a7daf91a2536ae38356bb1786e310469

SHA256
0182ffbba0cc909677cdd00654feae5e35ee047e7c7b094f3b5b320cbed21aaa

SHA512
da5f8eb85faafb26674e31bdfa2c5d8f2e83fef5f4bf1a14aede4fe36305cdd39c0394df65967f85d33fba91a9c083f1c12145bc7a1b4310e89adf93e366ac1a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsr4C3D.tmp\nsDialogs.dll

Filesize
14KB

MD5
7e1708ebf215276eca7284f19ef12c06

SHA1
d9e10da2c0cee2ed5f05ceb550c00a8bdc56518c

SHA256
4401d9c3cadb5845e0e899e3f7ef325e2f02cd83a982331acef193fed20ab7e5

SHA512
4e7aa02cee85184a8362f2f52d926de318a3c2cf3b8beaed47a1c0f975c5970b9f922996ca584d450c6b165654f2901c4c3615c2e317c3cf0ccfe007e686a262

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

Filesize
926KB

MD5
32c1f9d4841ff74fc5bb878e5bc1a736

SHA1
cfcb0cf3236606680b67504d16e8008ba393029d

SHA256
44bdddd89bee11e52e09ea967aebd3aa996dc2d66c1a819e8dfdaf9a16cc753b

SHA512
503bceb4a2907130be83ddddb9852f451ae9f8b4c4d47983a540de94a12ccb9e8eccd9c8fa059d4827c668f718cec9ad155c5e464142678a39dc45028ad47a69

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs-1.js

Filesize
961B

MD5
2b8c2d11a4ba77e5d2d4fb1a24630e06

SHA1
45f56f43351dc87d8783b0088b9fa715d2e20291

SHA256
634e232ab2fd10918a15aeeb6ac841b9f47731ae46a583fab1a52c200cd7ec0d

SHA512
c634068f12484dd645586d3f30de1e84d1d69c16ce5805c2de4a790a71e417a038a9c00127c1940038140f7e236b8e2046d6bb6ee1e5d3912a432a5493454029

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs-1.js

Filesize
826B

MD5
6c8444d6407ad0b6fe120d454a610f5d

SHA1
2e8f0a8140013e49bd4bc91ba6c2fda355f9d4e4

SHA256
d3e7b66392a854e51a522b8ebf83953bf58dfc36a238b321e740451821e0a1d3

SHA512
baddfaa27a971b12568087ccc2b0a3ee336a8c9afddae28f40731092b9e1ff5b23bfdca053325e2bd9af75daf7983febea618ed03160849b1f041940903a2163

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profile.default\prefs.js

Filesize
471B

MD5
7fb9bcf527d38668891534bba3fd9b1a

SHA1
09c39f5ce6f622d6f4481e4d2e063e62660bb5d4

SHA256
b80c6c74afaa6837095ba228ccdcec472fb5d86f5dc72e5f2a2e0939f4d2e50c

SHA512
cf05e477952d60733281e637b5d1e8edeb960b3261a238b34a505eda2aad9424b074856b41fd1df335fc2f27976367d1b9732000ebe2d2c24adfd4943d214361

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Browser\profiles.ini

Filesize
103B

MD5
5b0cb2afa381416690d2b48a5534fe41

SHA1
5c7d290a828ca789ea3cf496e563324133d95e06

SHA256
11dedeb495c4c00ad4ef2ecacbd58918d1c7910f572bbbc87397788bafca265c

SHA512
0e8aafd992d53b2318765052bf3fbd5f21355ae0cbda0d82558ecbb6304136f379bb869c2f9a863496c5d0c11703dbd24041af86131d32af71f276df7c5a740e

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\browser\features\[email protected]

Filesize
614KB

MD5
3cdd8690bbf041ebecdc8b88b55459fc

SHA1
a7a43fc5c05bbaacce982b561130d3b890cb6a06

SHA256
458bf9b4e528417441fcb250e4539b8d007dcc6b3b53443d2872fa4efb70e5fa

SHA512
12422b1bd0253c33a30cb5862758b0f9a83b79dc6269ba2e3887a4e40ae979b5623af53d986672ff44a0eff274cc54665d679e2187c2b0aa04527c8f7e6bf798

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\browser\omni.ja

Filesize
25.3MB

MD5
e403dfaf68b8537495e25c09389c518d

SHA1
9d96361c667e1c8c56a8cda5c2879ef4041434af

SHA256
a2e7f4c226cdbed7d67223d18142ad187ed397ee854fbe20dace6aca8a3aa4a4

SHA512
1f4001c082824213e73a66735f17ad332253c17d75983b3126fd6cdd13495611caeebde18719b38237cfd8c1335fcd6b04c766fdcc088f908137d2d5881e8d8a

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\defaults\pref\channel-prefs.js

Filesize
429B

MD5
3d84d108d421f30fb3c5ef2536d2a3eb

SHA1
0f3b02737462227a9b9e471f075357c9112f0a68

SHA256
7d9d37eff1dc4e59a6437026602f1953ef58ee46ff3d81dbb8e13b0fd0bec86b

SHA512
76cb3d59b08b0e546034cbb4fb11d8cfbb80703430dfe6c9147612182ba01910901330db7f0f304a90474724f32fd7b9d102c351218f7a291d28b3a80b7ac1e5

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\dependentlibs.list

Filesize
42B

MD5
70b1d09d91bc834e84a48a259f7c1ee9

SHA1
592ddaec59f760c0afe677ad3001f4b1a85bb3c0

SHA256
2b157d7ff7505d10cb5c3a7de9ba14a6832d1f5bfdbfe4fff981b5db394db6ce

SHA512
b37be03d875aa75df5a525f068ed6cf43970d38088d7d28ae100a51e2baa55c2ad5180be0beda2300406db0bdea231dde1d3394ee1c466c0230253edfe6aa6e4

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

Filesize
1.7MB

MD5
02cc492b31cb1d94a7b6a928761cb8fa

SHA1
64ae34ee7f3bcd2e9df2bf58142bcd8f409bd975

SHA256
c62b9c56f4ee23666308888a0dca00e651075eea6f96d3c783ec2037ce4acf1c

SHA512
d312a101171e70a0875be3dfd767d0e5778ef25864a7f48c53408b48b1b5a45b36d5cb68f55d91b00237133ed2b91a362d6fd4282582dae33b189f148b02b119

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

Filesize
1.7MB

MD5
02cc492b31cb1d94a7b6a928761cb8fa

SHA1
64ae34ee7f3bcd2e9df2bf58142bcd8f409bd975

SHA256
c62b9c56f4ee23666308888a0dca00e651075eea6f96d3c783ec2037ce4acf1c

SHA512
d312a101171e70a0875be3dfd767d0e5778ef25864a7f48c53408b48b1b5a45b36d5cb68f55d91b00237133ed2b91a362d6fd4282582dae33b189f148b02b119

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

Filesize
1.7MB

MD5
02cc492b31cb1d94a7b6a928761cb8fa

SHA1
64ae34ee7f3bcd2e9df2bf58142bcd8f409bd975

SHA256
c62b9c56f4ee23666308888a0dca00e651075eea6f96d3c783ec2037ce4acf1c

SHA512
d312a101171e70a0875be3dfd767d0e5778ef25864a7f48c53408b48b1b5a45b36d5cb68f55d91b00237133ed2b91a362d6fd4282582dae33b189f148b02b119

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

Filesize
1.7MB

MD5
02cc492b31cb1d94a7b6a928761cb8fa

SHA1
64ae34ee7f3bcd2e9df2bf58142bcd8f409bd975

SHA256
c62b9c56f4ee23666308888a0dca00e651075eea6f96d3c783ec2037ce4acf1c

SHA512
d312a101171e70a0875be3dfd767d0e5778ef25864a7f48c53408b48b1b5a45b36d5cb68f55d91b00237133ed2b91a362d6fd4282582dae33b189f148b02b119

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

Filesize
1.7MB

MD5
02cc492b31cb1d94a7b6a928761cb8fa

SHA1
64ae34ee7f3bcd2e9df2bf58142bcd8f409bd975

SHA256
c62b9c56f4ee23666308888a0dca00e651075eea6f96d3c783ec2037ce4acf1c

SHA512
d312a101171e70a0875be3dfd767d0e5778ef25864a7f48c53408b48b1b5a45b36d5cb68f55d91b00237133ed2b91a362d6fd4282582dae33b189f148b02b119

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

Filesize
1.7MB

MD5
02cc492b31cb1d94a7b6a928761cb8fa

SHA1
64ae34ee7f3bcd2e9df2bf58142bcd8f409bd975

SHA256
c62b9c56f4ee23666308888a0dca00e651075eea6f96d3c783ec2037ce4acf1c

SHA512
d312a101171e70a0875be3dfd767d0e5778ef25864a7f48c53408b48b1b5a45b36d5cb68f55d91b00237133ed2b91a362d6fd4282582dae33b189f148b02b119

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\freebl3.dll

Filesize
688KB

MD5
512d8aa1f669f97cad1e3acc044eb65e

SHA1
147956e0cff7d50b975ac799c91996abb1b4063b

SHA256
337f43d3fe6d7ae4f58e0aeab4218462ea107dbec3765907daff14267c1769e5

SHA512
5ebdd7e1ed5d9333d2ee87868b085cb691cbbab09222caff874b3b8a2f0e994ddd510e0fe022e33e13f69937349a301cb811a0157ae2f05ca88b1d4bcbb133a7

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\freebl3.dll

Filesize
688KB

MD5
512d8aa1f669f97cad1e3acc044eb65e

SHA1
147956e0cff7d50b975ac799c91996abb1b4063b

SHA256
337f43d3fe6d7ae4f58e0aeab4218462ea107dbec3765907daff14267c1769e5

SHA512
5ebdd7e1ed5d9333d2ee87868b085cb691cbbab09222caff874b3b8a2f0e994ddd510e0fe022e33e13f69937349a301cb811a0157ae2f05ca88b1d4bcbb133a7

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\freebl3.dll

Filesize
688KB

MD5
512d8aa1f669f97cad1e3acc044eb65e

SHA1
147956e0cff7d50b975ac799c91996abb1b4063b

SHA256
337f43d3fe6d7ae4f58e0aeab4218462ea107dbec3765907daff14267c1769e5

SHA512
5ebdd7e1ed5d9333d2ee87868b085cb691cbbab09222caff874b3b8a2f0e994ddd510e0fe022e33e13f69937349a301cb811a0157ae2f05ca88b1d4bcbb133a7

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\ipcclientcerts.dll

Filesize
309KB

MD5
713e80c34d2f559cd8fac6712a39b2f0

SHA1
c4117a846d397154ce0ee0520828093a17093e55

SHA256
8e1432cf279e9455010c939d498e9e779513c85efdeee3af42082c0ffc9b347e

SHA512
51cd72a8d4606c23134fb563c71038ae987e7c08871bf71f2260ba0bb32d771b1c28b377e15aee8d15842369a6a35b70f8940b16a7546e12477905ed64078928

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\ipcclientcerts.dll

Filesize
309KB

MD5
713e80c34d2f559cd8fac6712a39b2f0

SHA1
c4117a846d397154ce0ee0520828093a17093e55

SHA256
8e1432cf279e9455010c939d498e9e779513c85efdeee3af42082c0ffc9b347e

SHA512
51cd72a8d4606c23134fb563c71038ae987e7c08871bf71f2260ba0bb32d771b1c28b377e15aee8d15842369a6a35b70f8940b16a7546e12477905ed64078928

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\lgpllibs.dll

Filesize
44KB

MD5
bcfe7882860143a480bc3311c6aae858

SHA1
b1d429cfbed0130c1ccfb65519ee0e89eba18cb0

SHA256
2cc69d2db26cf97b11b54643076a2e458962fa8404f768dd6702dd306b39f72c

SHA512
4ae02c015dd693e033f80dc1e762a440e91942cedff961ff5818d44af82b8303de7873c91ec150d3b97f4856d12d9ac0c36c5d23cad55e70cf397a34a8f69bb3

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\lgpllibs.dll

Filesize
44KB

MD5
bcfe7882860143a480bc3311c6aae858

SHA1
b1d429cfbed0130c1ccfb65519ee0e89eba18cb0

SHA256
2cc69d2db26cf97b11b54643076a2e458962fa8404f768dd6702dd306b39f72c

SHA512
4ae02c015dd693e033f80dc1e762a440e91942cedff961ff5818d44af82b8303de7873c91ec150d3b97f4856d12d9ac0c36c5d23cad55e70cf397a34a8f69bb3

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\lgpllibs.dll

Filesize
44KB

MD5
bcfe7882860143a480bc3311c6aae858

SHA1
b1d429cfbed0130c1ccfb65519ee0e89eba18cb0

SHA256
2cc69d2db26cf97b11b54643076a2e458962fa8404f768dd6702dd306b39f72c

SHA512
4ae02c015dd693e033f80dc1e762a440e91942cedff961ff5818d44af82b8303de7873c91ec150d3b97f4856d12d9ac0c36c5d23cad55e70cf397a34a8f69bb3

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\lgpllibs.dll

Filesize
44KB

MD5
bcfe7882860143a480bc3311c6aae858

SHA1
b1d429cfbed0130c1ccfb65519ee0e89eba18cb0

SHA256
2cc69d2db26cf97b11b54643076a2e458962fa8404f768dd6702dd306b39f72c

SHA512
4ae02c015dd693e033f80dc1e762a440e91942cedff961ff5818d44af82b8303de7873c91ec150d3b97f4856d12d9ac0c36c5d23cad55e70cf397a34a8f69bb3

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\lgpllibs.dll

Filesize
44KB

MD5
bcfe7882860143a480bc3311c6aae858

SHA1
b1d429cfbed0130c1ccfb65519ee0e89eba18cb0

SHA256
2cc69d2db26cf97b11b54643076a2e458962fa8404f768dd6702dd306b39f72c

SHA512
4ae02c015dd693e033f80dc1e762a440e91942cedff961ff5818d44af82b8303de7873c91ec150d3b97f4856d12d9ac0c36c5d23cad55e70cf397a34a8f69bb3

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll

Filesize
1.5MB

MD5
4f3251a55f692e8e0f2e2a48fea1f5d7

SHA1
5c4a8c8996bedd3045fa1339fa9123297f174e5e

SHA256
db984c0065b7c88bf198466f8b6b39ce0e508548f8efbbca71dd6a8804513464

SHA512
6ee31f73c3890d7fc00cd3b89ca1c27d0843381cdaa3e62f0581a3fb1a438c89554670c5bb0c574ac400e5b5a75b798990340889ce46607a33acdd45353fc1aa

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll

Filesize
1.5MB

MD5
4f3251a55f692e8e0f2e2a48fea1f5d7

SHA1
5c4a8c8996bedd3045fa1339fa9123297f174e5e

SHA256
db984c0065b7c88bf198466f8b6b39ce0e508548f8efbbca71dd6a8804513464

SHA512
6ee31f73c3890d7fc00cd3b89ca1c27d0843381cdaa3e62f0581a3fb1a438c89554670c5bb0c574ac400e5b5a75b798990340889ce46607a33acdd45353fc1aa

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll

Filesize
1.5MB

MD5
4f3251a55f692e8e0f2e2a48fea1f5d7

SHA1
5c4a8c8996bedd3045fa1339fa9123297f174e5e

SHA256
db984c0065b7c88bf198466f8b6b39ce0e508548f8efbbca71dd6a8804513464

SHA512
6ee31f73c3890d7fc00cd3b89ca1c27d0843381cdaa3e62f0581a3fb1a438c89554670c5bb0c574ac400e5b5a75b798990340889ce46607a33acdd45353fc1aa

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll

Filesize
1.5MB

MD5
4f3251a55f692e8e0f2e2a48fea1f5d7

SHA1
5c4a8c8996bedd3045fa1339fa9123297f174e5e

SHA256
db984c0065b7c88bf198466f8b6b39ce0e508548f8efbbca71dd6a8804513464

SHA512
6ee31f73c3890d7fc00cd3b89ca1c27d0843381cdaa3e62f0581a3fb1a438c89554670c5bb0c574ac400e5b5a75b798990340889ce46607a33acdd45353fc1aa

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll

Filesize
1.5MB

MD5
4f3251a55f692e8e0f2e2a48fea1f5d7

SHA1
5c4a8c8996bedd3045fa1339fa9123297f174e5e

SHA256
db984c0065b7c88bf198466f8b6b39ce0e508548f8efbbca71dd6a8804513464

SHA512
6ee31f73c3890d7fc00cd3b89ca1c27d0843381cdaa3e62f0581a3fb1a438c89554670c5bb0c574ac400e5b5a75b798990340889ce46607a33acdd45353fc1aa

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\mozglue.dll

Filesize
1.5MB

MD5
4f3251a55f692e8e0f2e2a48fea1f5d7

SHA1
5c4a8c8996bedd3045fa1339fa9123297f174e5e

SHA256
db984c0065b7c88bf198466f8b6b39ce0e508548f8efbbca71dd6a8804513464

SHA512
6ee31f73c3890d7fc00cd3b89ca1c27d0843381cdaa3e62f0581a3fb1a438c89554670c5bb0c574ac400e5b5a75b798990340889ce46607a33acdd45353fc1aa

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nss3.dll

Filesize
2.5MB

MD5
4c026429c5dd3e5ddc955960720b66d5

SHA1
2e09afeb9352178b7441d220acce586b4b2b04e0

SHA256
a59bc877fe0e4299f13a2e1a6869fe0304f230b8023f5f2ad0293cac9fdc959b

SHA512
3ad0ec1ab552411cd4dff56360dc8f6e76226eede707ad1c28ad41443f4f98a540a37d278f6cd089901dd50b705d8ff37549ee8f7621c819438a2e36b24ef4dc

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nss3.dll

Filesize
2.5MB

MD5
4c026429c5dd3e5ddc955960720b66d5

SHA1
2e09afeb9352178b7441d220acce586b4b2b04e0

SHA256
a59bc877fe0e4299f13a2e1a6869fe0304f230b8023f5f2ad0293cac9fdc959b

SHA512
3ad0ec1ab552411cd4dff56360dc8f6e76226eede707ad1c28ad41443f4f98a540a37d278f6cd089901dd50b705d8ff37549ee8f7621c819438a2e36b24ef4dc

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nss3.dll

Filesize
2.5MB

MD5
4c026429c5dd3e5ddc955960720b66d5

SHA1
2e09afeb9352178b7441d220acce586b4b2b04e0

SHA256
a59bc877fe0e4299f13a2e1a6869fe0304f230b8023f5f2ad0293cac9fdc959b

SHA512
3ad0ec1ab552411cd4dff56360dc8f6e76226eede707ad1c28ad41443f4f98a540a37d278f6cd089901dd50b705d8ff37549ee8f7621c819438a2e36b24ef4dc

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nss3.dll

Filesize
2.5MB

MD5
4c026429c5dd3e5ddc955960720b66d5

SHA1
2e09afeb9352178b7441d220acce586b4b2b04e0

SHA256
a59bc877fe0e4299f13a2e1a6869fe0304f230b8023f5f2ad0293cac9fdc959b

SHA512
3ad0ec1ab552411cd4dff56360dc8f6e76226eede707ad1c28ad41443f4f98a540a37d278f6cd089901dd50b705d8ff37549ee8f7621c819438a2e36b24ef4dc

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nss3.dll

Filesize
2.5MB

MD5
4c026429c5dd3e5ddc955960720b66d5

SHA1
2e09afeb9352178b7441d220acce586b4b2b04e0

SHA256
a59bc877fe0e4299f13a2e1a6869fe0304f230b8023f5f2ad0293cac9fdc959b

SHA512
3ad0ec1ab552411cd4dff56360dc8f6e76226eede707ad1c28ad41443f4f98a540a37d278f6cd089901dd50b705d8ff37549ee8f7621c819438a2e36b24ef4dc

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nssckbi.dll

Filesize
425KB

MD5
8f96a1ef1109af27560f2616bb395753

SHA1
88b59989368f680edd839a35ff2ad872cc16dd06

SHA256
ebe05eaa2de3ee9419a2c5d3bb0002783f3a30fa30ca10507747c4bbb13534df

SHA512
e4c06707d01d8393b6207b114ff1f340cfb992d6ce4566fec9824aa700bc146b7e824b7265c02c550b6e7cfec3cb40abf50f4be8855b8d4cab6d5fc97db092e6

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\nssckbi.dll

Filesize
425KB

MD5
8f96a1ef1109af27560f2616bb395753

SHA1
88b59989368f680edd839a35ff2ad872cc16dd06

SHA256
ebe05eaa2de3ee9419a2c5d3bb0002783f3a30fa30ca10507747c4bbb13534df

SHA512
e4c06707d01d8393b6207b114ff1f340cfb992d6ce4566fec9824aa700bc146b7e824b7265c02c550b6e7cfec3cb40abf50f4be8855b8d4cab6d5fc97db092e6

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\omni.ja

Filesize
16.4MB

MD5
229586b8895f4e3793198543c3a80051

SHA1
1d955e28a7d0088e83ef7fe753d9a222db4a2f3e

SHA256
d9a9bfb86eaf886e3e38a44a3810d68551a1d65cfe4040b57d6662068368731f

SHA512
b555358887252b8c7c14c33c067a742f46b3514634aa6dc091c0cc0e0cdae94781b2feeb1288c8ab1564e2181e666e2120928b12b667aeea30ad3358bc071d71

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\softokn3.dll

Filesize
291KB

MD5
7d43088b1c5678ab6ba66aa8b2871de4

SHA1
80e7e20b7ac03d0f823fbee3cb454d1a786f5d68

SHA256
36332e83cc9fcea1d9cae4798794c469d47fa84455b2bc8118d864de6b8e87f6

SHA512
b3cbff4405031ad39cd06e1a6b7c80f7ee97af57b6b82cb84162e5d9da666b3ebdf45d0de3dedd3e7b350046a8d7a1a46f8280562e809537c600e8ad18c507ca

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\softokn3.dll

Filesize
291KB

MD5
7d43088b1c5678ab6ba66aa8b2871de4

SHA1
80e7e20b7ac03d0f823fbee3cb454d1a786f5d68

SHA256
36332e83cc9fcea1d9cae4798794c469d47fa84455b2bc8118d864de6b8e87f6

SHA512
b3cbff4405031ad39cd06e1a6b7c80f7ee97af57b6b82cb84162e5d9da666b3ebdf45d0de3dedd3e7b350046a8d7a1a46f8280562e809537c600e8ad18c507ca

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\softokn3.dll

Filesize
291KB

MD5
7d43088b1c5678ab6ba66aa8b2871de4

SHA1
80e7e20b7ac03d0f823fbee3cb454d1a786f5d68

SHA256
36332e83cc9fcea1d9cae4798794c469d47fa84455b2bc8118d864de6b8e87f6

SHA512
b3cbff4405031ad39cd06e1a6b7c80f7ee97af57b6b82cb84162e5d9da666b3ebdf45d0de3dedd3e7b350046a8d7a1a46f8280562e809537c600e8ad18c507ca

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\xul.dll

Filesize
106.1MB

MD5
b4d091e10864ee67b2796f759470e2bd

SHA1
74946a16ad0cb993de101af619e7c109e012f19a

SHA256
32fe6e955e544c51482643c03cc01ee322f88d4b9796e0a223787b6cc9db768a

SHA512
a9bb4b21115ab5965b458af2b2161228df25be36bd4c19c0e9b895948940fdad764a09316a7adfc35776a509d11b08b1ac92dfbab96a3d7fb0911d57e403525e

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\xul.dll

Filesize
68.8MB

MD5
3610553f6a2e319bf1992391d4040a38

SHA1
3e56bbf04eeb4631a58846a9f42fa0985a74aa0c

SHA256
03ce863b7f1988ab05b2e513cc7980e81c1477de07283860be868aee4e35d672

SHA512
16a363ea04090b3974f4a4b17c20dea41db79396139ff25aeb528f30f29cbeb38f1f4532165ab5eaccd4560a2a16ac2cd7cd1d2e71daeb49f8cb1980039e2ded

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\xul.dll

Filesize
133.8MB

MD5
ce8b754cc3a6baba8fb488876083e136

SHA1
6910a63bde466727db9536516f43608bcf9c4867

SHA256
ace5dd6d629ae5507387f8a57458828ec06e74bdf21a0143c5cadc507bdb247c

SHA512
94c8f992211072232dd67f232aa895dbd3416a2b538f9b4bcd143df3262d42f37c90cfb8325529cd38b9dffbb294f921f8ba391402569791effaf320422adfbb

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\xul.dll

Filesize
133.8MB

MD5
ce8b754cc3a6baba8fb488876083e136

SHA1
6910a63bde466727db9536516f43608bcf9c4867

SHA256
ace5dd6d629ae5507387f8a57458828ec06e74bdf21a0143c5cadc507bdb247c

SHA512
94c8f992211072232dd67f232aa895dbd3416a2b538f9b4bcd143df3262d42f37c90cfb8325529cd38b9dffbb294f921f8ba391402569791effaf320422adfbb

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Browser\xul.dll

Filesize
133.8MB

MD5
ce8b754cc3a6baba8fb488876083e136

SHA1
6910a63bde466727db9536516f43608bcf9c4867

SHA256
ace5dd6d629ae5507387f8a57458828ec06e74bdf21a0143c5cadc507bdb247c

SHA512
94c8f992211072232dd67f232aa895dbd3416a2b538f9b4bcd143df3262d42f37c90cfb8325529cd38b9dffbb294f921f8ba391402569791effaf320422adfbb

Download Submit
C:\Users\Admin\Desktop\Tor Browser\Start Tor Browser.lnk

Filesize
845B

MD5
a6674afeae01f5800352cc425e823338

SHA1
9f2c3c91acb89396c554e2a294ea51af1336c97b

SHA256
514443d57b3d4aff5ef0de2dc7bcfa70183d7c6495369628ff4d7bc6e2067726

SHA512
bc552af6403f2a819d406d60325d93ee63edbe8fa338aeed7733a6ecf30a051c8868dbee7ee034adc55790d0f8ebb7779d4432b2ff0f94dc073d4c3eb7e50de5

Download Submit
C:\Users\Admin\Downloads\torbrowser-install-win64-12.0.3_ALL.exe

Filesize
91.4MB

MD5
dbb98d806878907c60b2a698cf14794e

SHA1
62fa459f9f05b4cac43c53f915da4a34ea9d007c

SHA256
8f9e526da7d1adaa5c6c7be88412e9e6c7eab9af1b5f080b0d674f5b35f5c4bf

SHA512
d61ea9a516df38d75af58f2432c60d126cf39f522eb3c5749a44fea6e8c1f0a5e45a107b28cf205a884f5428bb80b576c4683083d8886fa80f1999ed8ebdc91a

Download Submit
C:\Users\Admin\Downloads\torbrowser-install-win64-12.0.3_ALL.exe

Filesize
91.4MB

MD5
dbb98d806878907c60b2a698cf14794e

SHA1
62fa459f9f05b4cac43c53f915da4a34ea9d007c

SHA256
8f9e526da7d1adaa5c6c7be88412e9e6c7eab9af1b5f080b0d674f5b35f5c4bf

SHA512
d61ea9a516df38d75af58f2432c60d126cf39f522eb3c5749a44fea6e8c1f0a5e45a107b28cf205a884f5428bb80b576c4683083d8886fa80f1999ed8ebdc91a

Download Submit
C:\Users\Admin\Downloads\torbrowser-install-win64-12.0.3_ALL.exe

Filesize
91.4MB

MD5
dbb98d806878907c60b2a698cf14794e

SHA1
62fa459f9f05b4cac43c53f915da4a34ea9d007c

SHA256
8f9e526da7d1adaa5c6c7be88412e9e6c7eab9af1b5f080b0d674f5b35f5c4bf

SHA512
d61ea9a516df38d75af58f2432c60d126cf39f522eb3c5749a44fea6e8c1f0a5e45a107b28cf205a884f5428bb80b576c4683083d8886fa80f1999ed8ebdc91a

Download Submit
memory/484-394-0x00007FF889D60000-0x00007FF889D6F000-memory.dmp

Filesize
60KB

Download
memory/484-445-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/484-372-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/484-393-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/484-395-0x00007FF889D40000-0x00007FF889D4B000-memory.dmp

Filesize
44KB

Download
memory/484-438-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/484-654-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/484-610-0x00007FF89BDA0000-0x00007FF89BDAD000-memory.dmp

Filesize
52KB

Download
memory/484-608-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/484-470-0x0000000140000000-0x0000000140066000-memory.dmp

Filesize
408KB

Download
memory/3632-1008-0x000001F493AE0000-0x000001F493B00000-memory.dmp

Filesize
128KB

Download
memory/3632-1012-0x000001F493AA0000-0x000001F493AC0000-memory.dmp

Filesize
128KB

Download
memory/3632-1015-0x000001F4940C0000-0x000001F4940E0000-memory.dmp

Filesize
128KB

Download
memory/3856-1189-0x00007FF8A71F0000-0x00007FF8A71F1000-memory.dmp

Filesize
4KB

Download
memory/3856-1188-0x00007FF8A64A0000-0x00007FF8A64A1000-memory.dmp

Filesize
4KB

Download