ff866018a3a8ec05b224b7dd4f87596f46b6be6b08365448b68e59b90e0d7971

Analysis

max time kernel
154s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
24-03-2023 16:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

scylla_hide.ini
Size

1011B
MD5

4083c5cb2e0c9ca11a5a04a52b599c2c
SHA1

dd6010e7f4e7a3a71d70d081d71a31fe22ccf9f4
SHA256

ff866018a3a8ec05b224b7dd4f87596f46b6be6b08365448b68e59b90e0d7971
SHA512

f3cac47214869f254fe1cd6ebbe4c542fcdaa0df3b8bb148e6d3b9ddf33289215acfc0e5df02d94fc9aa02a4bcef9587960efd9caf8f20f4cb9f4704fb211fc6

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133241519760116571"	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings chrome.exe
Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

1524 NOTEPAD.EXE
Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes:

chrome.exechrome.exe

pid process

4880 chrome.exe
4880 chrome.exe
4880 chrome.exe
4880 chrome.exe
2096 chrome.exe
2096 chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings	chrome.exe

pid	process
1524	NOTEPAD.EXE

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

Processes:

chrome.exe

pid	process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe

Suspicious use of FindShellTrayWindow 42 IoCs

Processes:

chrome.exe

pid	process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 4880 wrote to memory of 2536	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 2536	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4432	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4928	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 4928	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe
PID 4880 wrote to memory of 3488	4880	chrome.exe	chrome.exe

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\scylla_hide.ini
1⤵
- Opens file in notepad (likely ransom note)
PID:1524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4880

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd9529758,0x7ffcd9529768,0x7ffcd9529778
2⤵
PID:2536

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1836 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:2
2⤵
PID:4432

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4928

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:3488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3180 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:368

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3152 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:1096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4544 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:4760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4560 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:1092

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4968 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:3464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4528 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:3096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5096 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:1260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5092 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:5052

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5028 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4948

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:1788

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4848

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=852 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:5068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2808 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4400

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4960 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:2516

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3356 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:4120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5600 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:900

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5756 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:3632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5596 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:5036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5600 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4560

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4996 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:3812

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4704 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:4260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3448 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:3168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5088 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:3904

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3196 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:3708

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6000 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=3272 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:3464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5608 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:220

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6008 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:4120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5844 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:8
2⤵
PID:1756

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6324 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5356 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:1060

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=3252 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:4664

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3972 --field-trial-handle=1824,i,1406907259018195321,16476314267709192695,131072 /prefetch:1
2⤵
PID:244

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2712

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3332

C:\Users\Admin\Desktop\boomnew-main\Loaderr.exe
"C:\Users\Admin\Desktop\boomnew-main\Loaderr.exe"
1⤵
PID:804

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:1648

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd9529758,0x7ffcd9529768,0x7ffcd9529778
2⤵
PID:3336

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Filesize
40B

MD5
d5aa436f438bef1f8801fe7aea488da4

SHA1
fe3fccaeaee75c2addcb31ddb74a609fa9e47873

SHA256
53e51ffd114b6690845f9206d0584783c37637db83a91286d25703a725d25200

SHA512
f4d08c551c6ff43c7136199806da7d6db8d3aed894d81f60123ac9021cad165d03052ac5f5b6b1feb92f67f590d06e40ba9871daabeacc80c3be392992c4f1ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Filesize
40B

MD5
d5aa436f438bef1f8801fe7aea488da4

SHA1
fe3fccaeaee75c2addcb31ddb74a609fa9e47873

SHA256
53e51ffd114b6690845f9206d0584783c37637db83a91286d25703a725d25200

SHA512
f4d08c551c6ff43c7136199806da7d6db8d3aed894d81f60123ac9021cad165d03052ac5f5b6b1feb92f67f590d06e40ba9871daabeacc80c3be392992c4f1ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Filesize
40B

MD5
d5aa436f438bef1f8801fe7aea488da4

SHA1
fe3fccaeaee75c2addcb31ddb74a609fa9e47873

SHA256
53e51ffd114b6690845f9206d0584783c37637db83a91286d25703a725d25200

SHA512
f4d08c551c6ff43c7136199806da7d6db8d3aed894d81f60123ac9021cad165d03052ac5f5b6b1feb92f67f590d06e40ba9871daabeacc80c3be392992c4f1ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
Filesize
47KB

MD5
7579d25c7d1ddf4f3e2e27ab5fed443d

SHA1
eb9261a097971532002bc079558e0c88fcfdcc4f

SHA256
ba35f6571218cdd7ba0c0aebbf5489708eddcf7ccd04e43092a381bf53454213

SHA512
0f2ab60b0a50b2a9c7ae82bdb21468d869de23628fb82ee79a0226e4185c57a25e0b3a5f6a1ecca4ed05b6d0ece7fb0578bd353db8eb1cb8e287eb4ec0707292

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
Filesize
292KB

MD5
bc8caa4854a31ec56bd52e2853ba4f8c

SHA1
d141689b4d7b589db254eea81a7550723a80d5b1

SHA256
411da92c61bfa1ea119b4eba1b522f19fcdf54acfb0dc05b82b79d943c83b87b

SHA512
ebcdd907f24f11d438288403b1a5f47b6ca0e811b19a20f88afc8ef6df02dabd175d6fe8c96ce1c2edd482115a584824ff2be771e0a5e0ac8587885dfa77162b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
Filesize
63KB

MD5
38a059fbc080b07299425dbd6c9a0de7

SHA1
d20df74f0fb27f3154324147960a848988bd570d

SHA256
6a0192e4a39c3b7445105aacbca7ab692f39ea8f848c183ee9464b8cdc70d1bd

SHA512
dd15c47ee780d9bd7e4b6459d411a259f55e65f805a7e40d9b1473a491740d7fa7d99e276266cbd1987c6583c70fb1ba2c673eb81aecaae07d7026ab72ef64f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
Filesize
68KB

MD5
18da54d1731e0c1085cb0604524fc850

SHA1
fbdb021efa13a39ce14bd33edd70df5301504bc3

SHA256
d32fb065658172998df42a9a268d669158405356a5c1763fd6beacecd609a2a9

SHA512
0b6ca6a532430afe099263dc617f412fd7dbdd08f42f9fcadc0e1b8c8ec7dc27d16dc8ee1faf90504c9751c979825f02ab4d551f991bfb8f4f48ac0ce15c1eab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
Filesize
37KB

MD5
47ae9b25af86702d77c7895ac6f6b57c

SHA1
f56f78729b99247a975620a1103cac3ee9f313a5

SHA256
9bde79a1b0866f68d6baa43f920e971b5feb35a8e0af7ffadc114366f8538224

SHA512
72b5296e3dd1c5b4c42d8c3e4a56693819779167b9f02bc2d5f5a626b519a9cf10bee59846d614c929c42094b65d13039f6024f6cb1c023e740969aaefd060c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
Filesize
61KB

MD5
11d1b2c0f58efde16b1e8b536038d2f1

SHA1
316955db875fa89d0896b7794ec63ffb7e928459

SHA256
5ceb6dcf079ab772724441e3543f9dd8a4d439bc5be8421fe6c7c03cdb94486a

SHA512
220b2f950bcb8b5325cad93edf3923a418b7655699f4cc72d9701b709a8a8e11682510ee2f2bf6f0ac507cbb707a772d687fcd6d2a5df360c1a53717663b7b21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
Filesize
50KB

MD5
7c25eccc08c604818f2ad949bbd64d03

SHA1
f798ffc2e47c6c816b6407df3be703e26daeb167

SHA256
4065467e0796055cdb19ba98e01666d967e99df14316fe190edc613c9f2bae71

SHA512
99d95a658e9cb66eb237fa78b0053e2403b903b5ae785d3b4ee840fe4a3696c22a707a6d7b3ab86fe2bbb7b3e34942f95db773e4cefd32fea224c8c559253274

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
Filesize
107KB

MD5
8fddc97d131bf74e054fe861dd45b637

SHA1
3f7d1c5e6d69c89847cfce5bee89fce548e86290

SHA256
16f04e220c0e897266f178aa92486e6b3d53e6b76bcd11f820d71b564340f702

SHA512
b0bad48327781a0a6ca4786bb463bccc7c0c9882ec9b2eddbba3730fbf377f760f788db721fb6a7b928cd2ed94eb965522a387d72914c27400bf16e70bd456ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
Filesize
611KB

MD5
b184139ce34469a5ec45b250b44646d6

SHA1
de45e59516e6170cd38f4e3b386f30e7ebdc14ef

SHA256
ac738b8f617b74220e663f7a6d4715b00ed3fc49ce181c790ddc56a128896622

SHA512
622c186ecc4525b89a1aff9dd4f91e2ec9d23911f19183c01f599e39ea62111cdd5c5954d5874e3f61360d29890219db86c85e56c625d6240c603737cfaa717b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
2300bd10ac09b5e1060f1663bf658b49

SHA1
509b4aa8931a5f0850539388a401c883a05828e5

SHA256
3ca9e5d64b59172c02dde5b10b414e555e72aef7eab8848c698ae1305951908c

SHA512
17ef08bb1d75ea103d72f23329107dfa0fff90e156f91314e14d73f7c3b0b47c1a53c53e037b17a018c9db51cf8ad67f69c0f910ecbbbb47463f4802049f052d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
5a783d597ffcca22c6d426d226aeb642

SHA1
c31e9954c251d027e3221869a6fabc7723c41b8b

SHA256
bdb8c812f96935ece9665d260523d1bc183e76e867f5b575ec5c9768f58b21e0

SHA512
a7b1eb13772f677dce9c262084b6df1691abb577a025197bf1d8affcfab1e8f9ea8f28814634c6b2a037ca46fb829e44e2a243f7ce493aab8543e06dd4bb6fa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\86b7c616-418a-421d-9d6d-28edd92310b4.tmp
Filesize
1KB

MD5
1a298e83e06d4b78761917401491c601

SHA1
30ad855eb2930d53312d0e0160f73655e082f342

SHA256
3d6a2cb0d23288af1c822594685912ac35e78cf696a405ce5ba901a2cbbf9e25

SHA512
f3dae637f007565650a5ff12f3abcb134c1d247742a099d137b0b182ebadb98b22a67690fac8f7661f2a70e7e77be8e8f03a9b6eb014a843af406eb52cb4eea9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
311202e45b36035c6ed208e17a3a9ba7

SHA1
3f1a31b98bd62983f08eae81afbf9e97ff1777ab

SHA256
16f989d242e01817e8bdbcac87b79c70f38ce4fab969f3be0c5b73f02c4e7d34

SHA512
d89067e1ece795c80b03d0a60ab30ff578fe93ce41582bf3c9c7d182861c1bf7e4617e8e376a86577183a0cb05dac65c6ee3069799772114de6612a941f7b339

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
6658408ab50c4655eddc6647c66d006c

SHA1
3b11721bb38f38cf5221996025e5d95f13d13c78

SHA256
a69347b2a10de6ad965c21959f1aab57e5affbe6c7359c6c16281f965de0931f

SHA512
8e109b491e7279ab4799bb2e5e675e231ec0b2b8b2e1dd2cdc1cc7afa7bfd8cc7787088d8ecc3a3523204998558a6cca25a2e919d046c0f1004f3faf1a92fdb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
371B

MD5
7593123af9f3615fd5c31863f776a357

SHA1
5f438a60a127261ac22b5021fb075d190207b334

SHA256
bcd9df5076f9d38c4a9ecc946b3e0f2cdad9e645d8a2e5290f1f980b543294f6

SHA512
33ba68b5f2f4201004771bbad1796d7f9befe20a14a24d5a3088c7096e81d7f7e77eee42804e23a865f87668245601740f007a6195c65451da1e9857f6b771f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
1ed2a4e1b6fdceab91b73cb818e68643

SHA1
c118f13115609221db433627d2324a2aa7ffe198

SHA256
99876ea6c9f5a047115ee61ab695bf3d8743ce65ccd3dbb21c49cb628a196157

SHA512
719f954c9a26897201abcc6309ce1a22ef2b049125f7bf450afcc505bf03d1a42418ffe4709ed19e5bf1eb068f0980e9fe834b495b2613488f20e1d1123c83a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
9c95457745c47c99470df5bb242b6989

SHA1
b8d49920979ba0a4204b0a187eb51160c9c4f325

SHA256
12d050056d32c57e2204402fdb673077b8d0b78b4b036bd1ddfff90afc7111b0

SHA512
6ea8a2873a5395d4c00d581769e9eb5ca60841d31bbc0d1eb9c7928f2c487e2a00aed3cfe701695fac0009a5ce08a10dee2005fed40f9c64b8b2cc5a2a7a49a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
5f1cced9ac16740a46cc152bb97cbde1

SHA1
f99064b62635506d74f6d5c0d51f0200b0462ae2

SHA256
9badfc3a2db953547c221836e4b51d99907891dddd6842928e1f11fd40b74baf

SHA512
05bfdc038062e44501a9b18215963a0863135a498a3a9dcc82eacb9d1888dfc39042d408b8549a817e55765bd0f737b96b2f9afec269ae18f2287997a76b5d61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
b62321c86ce6230a56c6a36cc6dd9883

SHA1
ab65c7be2f7911751d586dc62d90d1d5ef5a7726

SHA256
fceb152098ec20068a78d951b30a180fac787cf86fea691d21be4edf557568e3

SHA512
d8022709f8b0c27412c24d94950b72f7708804584b6b6d0897a1a5d4b2bdbf2ec25e462ff4e17694ce79f25a61de1a89b6a33f42081f3fa2197b3583ea51ed2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
3deff8d05ff4cea6b3c9c08d1ee363ad

SHA1
7663630580a1a31b20c0bc9365e11dbaf0638038

SHA256
d63d90ea0abdcf2dc704e3c556dc23d1354e2a6b78aaf85d727b24877204e0ce

SHA512
013d6419c4fb697359d4df96d7851aa6306dcfacb3cd672a432ee8f77c98839e1152ea2d4b322715b9714d7728fb513114376bbfdce28ba5378ad7ad16a0b489

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
c24bb52e6b29ba448ffa5e4593fd89a6

SHA1
a8a673789fe994d3ccc6f1b879058a64ced5474b

SHA256
f24cd2dd8e17043255ad283b1593b1be265d8dc06869af145d48558cd965171d

SHA512
12803dfecc894448a133397156c2eb56381f098fd4c96d8eedaa9a4965418afcc6de55560b806e45f8992a85d5d47e7fbb1f43e416150a81e3583202c4f09361

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
79935e36a27198a2ad39dcf6ae9cd2f4

SHA1
c74c782c712cc4dc6493e8c24d3e9b5ec4393716

SHA256
48cafb29e7cbe25a7927a90f2f1d4da3286d632fa04325375c74d1c306d5e480

SHA512
aa8fe8a56353867948d32179dee58b74c8bce24e7e7a208bdfaf24cae8c9d8632e924014f65ab7202fcbc4cb179591956380bbda6ec3693cc9102df18e050b7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
4e3a8332c44e9a3349e3356b4ad1d178

SHA1
8c36b2191598934725c994c1268625950e40c491

SHA256
af45527e91df1bedf44a617370851c79f8ffc91bc1fb2871035d8ea5c10edd52

SHA512
cc2681d909b08d61cc5f14d4eda2e011c75563637ad1bb54702f897de9b5c192865390580dbc9e19cde97323def3e7f31de893f928302740faab1a61cabb3b25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
11ca42569e111fbe4cf3cac6fb45311b

SHA1
f3ac3d3368ee36800e3825d702b417067e17c4f9

SHA256
cf0ad7b81f16995fd210c5489852f642f34d284e8e3e84e3922ef5fbed4e5d80

SHA512
b5c67767e37f0ba3bfb23a887f1a7991bccd909ceb4508a1d29bddf85d6cdc84bcaa9d00bed0d5847d2f3ffeb2edd1e84f226ea6f39fca2ee37434412fb688d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
086ce212f11f254d3f1d09011e6286dc

SHA1
55e5e59da88f2d03e59ae9db3168b62781eb3507

SHA256
d9b6197ebd204a246f15d57e4b9f186a312ed54e6852d2e7ca7f01a09c237f9b

SHA512
d5394890375726894cd8c3dfd6ef54f582bbb0919a081494c0baec0ff0b39c00fc6de6acd9de515420a85efedeba698de4ca04f199183961770f61caf9b020d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
65596921d552042928c73b6bd346021b

SHA1
fe81e09cf122c8d87c723290cddf02676b83af50

SHA256
c4455b4e1850992d0d267ec6f5a0e4641f7fc70c53fb55929ee396edfa85d058

SHA512
e6a705fbc2b4d4e972c854f1b71970757cbe9b0d826d44f55caa6097e5250b4074750b72273d7a1417e7b26a2df2d8865abae19d79ed88fe7818eaa8b82d68b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
56bd3b8f95b33cc9204506a43332cf3c

SHA1
dfc6b9b0b8af347485c2eb8aca0903d80066e1a9

SHA256
ba3b381e8ebc00b959fc65070dba27694d28c21c7934ca9334a4931f3a1f248a

SHA512
c3b27f7aa49ed0fa72288974f2e8969943de2289c3e11b513b4bca68405e83e9fb25f7d031809dd50a5c86ae39c6d4d381ee41a795d45312bd22c57107893435

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
087ccfdfdefd2df19d182a792d4917db

SHA1
25a4b2455f566fad9e8b2f9be96eda7aa43708de

SHA256
8041a0b4fd6786ba28531814a099e930ca9a6b1cb8c0e37ad4770d28f431e0d8

SHA512
cc6f0aa71b92a225dd749d6769ce457654e2db40bb7a6d874c50832cadd6fac65b3079830a5b3536839ed73487352657537328c9754153079cd55b3d559264eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
15KB

MD5
0b324161431ba5afde7be02ee35d9b8c

SHA1
1c3221c435bb99d081f9315bc7f3fdce1cb61e03

SHA256
35439f5ce0033294a4aa6436db29bcf9902fceac1b62406929affdb74a6c81b7

SHA512
91c7ea0435788c59720c190a51649fe21ff8d289b9904c2edbfa54db91632b990636559a2b6b53c1daade79dc3340cbf54b9723a8a182132781293d5976a065b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
120B

MD5
3db3d3700df60a46e095324bc302a3ef

SHA1
1b31ec1a80d16497fcc9c0f57e37877d98cbff3c

SHA256
8efdd380f90da9d08fd0ee77d6f21dc4b9d67075a2cb4acfcd74bc45e574ea2d

SHA512
895382f8d777cb0b60d2c5030102ac31b69475242ceada28d3e5e85e86e54d6d2847e23a62850a82b0c993ca50b4ad948ba09db1f9d374b724645a1dce2f5b94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58775e.TMP
Filesize
120B

MD5
d254373395d43b0a5ff873b7b2dcd154

SHA1
590c9cfd34ea7f996bce082acb7189a7079d10bb

SHA256
0aeea23037cd47a717ec90d8b82ce38fac76f97d46d4c75faf3077fd41f4bb58

SHA512
ad7f132f51d1fdb8a4e16d850fc2f0e481d4d5cd29152229b84052dff20c5fd738dabca834934b138d2e552a86d164af8e8aa5e16b0933abe222be376a1d1122

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\be56e92b-4103-4ffb-be32-b543c3f08a5b.tmp
Filesize
6KB

MD5
60bcd70db96008131013f2f47d049b8e

SHA1
c5be1da3a3e0f517cc1322c799a12d3e5e968dfb

SHA256
c5f4705a18c9d261498ef8829a1683c7425a297a8a11f3f8f7f2770ef6653abc

SHA512
32425f7516d0311d6ff7fee60a3ca1f9dface10a8e5c0e6a2904134b5879b8bbf486eb14ba265dc1aaf4bff7c2c36b179e4381d1c8d3cca0a7dd1a2e76cea971

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
147KB

MD5
771f10c80b0e64806a642df65a1be029

SHA1
cf552abab629a7eeca4f339dc859e2ca70f00b07

SHA256
21bab44b7ac9897d2a8b3f581f0e0720042556d2baaf34e64fec9f3673a934a7

SHA512
ff55769f6d10456161977e4987849f508a7c44d2006cc05b4b8738d5a9e9b1a75c36db34e07e60ea245a549b02a685a8fe3c9501d87f2416e81f1771482cb087

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
72KB

MD5
6ce856ec7fd896de443a15dd9cdac9f0

SHA1
d3239627190d46eada1cbc0c1956bfdaed45a066

SHA256
8b11b439523ac2a16d2e6ad2c7ac549671e471d0e9b4bc401101bb3bfdca1767

SHA512
1400a0c11f6bcae6dd7c37b0b738cde6c481bd3c675978ad12ce406aa69a066b645d6eec283d23fc44a0677f06a287de9136cd76f301e833debc52d86dcafc9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
146KB

MD5
033eaae672003d324a51e382e0dbe531

SHA1
69f2a21f3d07ebf395c8180d79046abd21396a61

SHA256
a2a081c84bf81b0291c473e5f3504b5d68772e7587dc1f7204684b6c409d8639

SHA512
e9a0ed58bd3dd22b71a4a32108de7d9f56c329604dd871e8b4f10c95914aff4150c54f485089795e76c9059fba1c53b05824881957ecd4af50aba246b5eb93ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
146KB

MD5
362c3ad3d6d6ad189c7f49e86d5f712a

SHA1
7ada7d8403a6ae237f7e88294e1551c7d2103879

SHA256
c29f3188abaebacd4895860ea89183126b9629bb6c685f421aa522381ba043f5

SHA512
196552729f73edbbdfe17c681695043a58caf42c3b1c4023fdbcc150e9f3bc6e782446d18f9a13b4976cde54f3d2c34848a1a42aa40d78bbbfcc0ee4063c3705

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
146KB

MD5
37aa5b8fdf51c5ad96bc28d780d29d2f

SHA1
54c07b42b24aec3e562f4acb9fc7e4d56df447c3

SHA256
bfa09d23b92795aaee7de955018a765c210425aa89d8b77fdd2f4e325cf7b83e

SHA512
4dcad84df44af780f6aee8d0992cdae530de28562fe48d7fa4a5182172ba82d469d637e4c33cb4201102905189a8cfce7276a0c50899634f7baa7d9c58f731aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
146KB

MD5
c6d1d5eb3b7faf86d59a76e4643f37ce

SHA1
02ddf14b9037ef0036be43e48a2db9fd13a64ab5

SHA256
e33378c3f148e5a81e1874b728e0e978e416cd6c8c4f7c7c5c4b5280c8dc6f88

SHA512
e78ab6ede1af0ffe7f4c099c1d0baa97654a343299d070472148ea37835e9ad94318a9416e2e625ec0e867eb8ca8849e7ed1e8014c312c7bd58efafba8f79695

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
105KB

MD5
310cf8adacd70c2e52ea9a574d936feb

SHA1
18a3d2e2da91f64fbca74a352270b8f15f5127eb

SHA256
03b6f64f20cb48335ce56c43c9666c07cad14102c0092922da0d4eabd803734e

SHA512
be1d6632fce19d1170dbfcaf9835db97bd7bea103fc3253c78d6b331447041f6bb3061ad936a0bdfc0b6c7d041e57a778503cafb3b411e8cdab245dccb9ac08a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57e995.TMP
Filesize
96KB

MD5
2b67aa95a563c6bf52608499b71021ca

SHA1
f06c9191c2fceaa60abe757cf68c78afc9c182f1

SHA256
c2ff750a425f049b83d51bf66a05ac652eb859da2f4e914ac5228f32b23538a6

SHA512
f793a5ad1e85f93c2a8981f3843dccb645542170ba3ee1b9156c42fd449a1b169439d6b994ef491e8093ee91761b40664bc5dec4e42bfd89eeb64f6c44eea336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\boomnew-main.zip.crdownload
Filesize
11.3MB

MD5
1664c2c7811467ff5a9c33bfd81620e5

SHA1
2857f780e22afbb08929d7a511f969650fa27e0e

SHA256
26cb4102271d62bc373538990ffee46d37007e4ef2ff380b802f03b516757a0f

SHA512
e9375481d6bea71b147e9127731c90810bf02dc872564691131d1ac50723b31f69537e6ec727ec4e39a9e447f34f8c64d50742f838a6fc20018accbe794da895

Download Submit
\??\pipe\crashpad_4880_GGKEXNRTJBHNZYQB
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit