2c21ca7f232beffd48a26b0efb80cbbe93345184f29eee2cf175c73d6822c204

Analysis

max time kernel
202s
max time network
206s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
08/07/2023, 19:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

KRNLWRD/Bunifu_UI_v1.5.3.dll
Size

236KB
MD5

2ecb51ab00c5f340380ecf849291dbcf
SHA1

1a4dffbce2a4ce65495ed79eab42a4da3b660931
SHA256

f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
SHA512

e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
SSDEEP

6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 7 IoCs

pid	Process
3652	VC_redist.x64.exe
3764	VC_redist.x64.exe
3536	VC_redist.x86.exe
3200	VC_redist.x86.exe
3672	ndp472-kb4054531-web.exe
756	Setup.exe
2572	krnl_beta.exe

Loads dropped DLL 7 IoCs

pid	Process
3764	VC_redist.x64.exe
3200	VC_redist.x86.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	Setup.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	Setup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133333195826757724"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
756	Setup.exe
2240	chrome.exe
2240	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 19 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe
Token: SeShutdownPrivilege	2228	chrome.exe
Token: SeCreatePagefilePrivilege	2228	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe
2228	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 4132	2228	chrome.exe	90
PID 2228 wrote to memory of 4132	2228	chrome.exe	90
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 1700	2228	chrome.exe	92
PID 2228 wrote to memory of 2856	2228	chrome.exe	93
PID 2228 wrote to memory of 2856	2228	chrome.exe	93
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94
PID 2228 wrote to memory of 4492	2228	chrome.exe	94

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\KRNLWRD\Bunifu_UI_v1.5.3.dll,#1
1⤵
PID:876

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd8fd99758,0x7ffd8fd99768,0x7ffd8fd99778
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1432 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:2
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2068 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:2272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4644 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4800 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4924 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5148 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5208 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:4244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4792 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4628 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3348 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3592 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3256 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:3216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3808 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3804 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4788 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1796 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4012 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4756 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3256 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1020 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5540 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5936 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5912 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4576
- C:\Users\Admin\Downloads\VC_redist.x64.exe
  "C:\Users\Admin\Downloads\VC_redist.x64.exe"
  2⤵
  - Executes dropped EXE
  PID:3652
- - C:\Windows\Temp\{99A23355-64FE-49D6-8A22-CB0BBC09B2A9}\.cr\VC_redist.x64.exe
    "C:\Windows\Temp\{99A23355-64FE-49D6-8A22-CB0BBC09B2A9}\.cr\VC_redist.x64.exe" -burn.clean.room="C:\Users\Admin\Downloads\VC_redist.x64.exe" -burn.filehandle.attached=568 -burn.filehandle.self=576
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:3764
- C:\Users\Admin\Downloads\VC_redist.x86.exe
  "C:\Users\Admin\Downloads\VC_redist.x86.exe"
  2⤵
  - Executes dropped EXE
  PID:3536
- - C:\Windows\Temp\{74760D4E-F01E-45BE-A2A6-1764EDD95ED3}\.cr\VC_redist.x86.exe
    "C:\Windows\Temp\{74760D4E-F01E-45BE-A2A6-1764EDD95ED3}\.cr\VC_redist.x86.exe" -burn.clean.room="C:\Users\Admin\Downloads\VC_redist.x86.exe" -burn.filehandle.attached=568 -burn.filehandle.self=576
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6152 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:3616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1700 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5504 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=884 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6140 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4656 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:632
- C:\Users\Admin\Downloads\ndp472-kb4054531-web.exe
  "C:\Users\Admin\Downloads\ndp472-kb4054531-web.exe"
  2⤵
  - Executes dropped EXE
  PID:3672
- - F:\726f03916f824cd60b7919\Setup.exe
    F:\726f03916f824cd60b7919\\Setup.exe /x86 /x64 /web
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Checks processor information in registry
    - Suspicious behavior: EnumeratesProcesses
    PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=4024 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:1768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5500 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:3232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6152 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6232 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=2004 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5184 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:1428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6108 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6416 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=4616 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=4644 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6280 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=1632 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=3096 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5888 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4556 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5548 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4700 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5632 --field-trial-handle=2208,i,13600434747680062519,14732828742730652936,131072 /prefetch:8
  2⤵
  PID:4708
- C:\Users\Admin\Downloads\krnl_beta.exe
  "C:\Users\Admin\Downloads\krnl_beta.exe"
  2⤵
  - Executes dropped EXE
  PID:2572

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1488

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4792

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
55KB

MD5
088af9c3000a2868467ba5231b976d1e

SHA1
e319a99ec36944dd3b9108f1ce7a280c6bf77121

SHA256
50b38cc4a5cb6f81a8168f99ff4576d5b957999f74d5230ca04df12b3b47e4c0

SHA512
df82981fd1f0d2efd1eb24c0815ba3133ac2e00503a8468ae5a85abd139786f8ca145d2f36b92ba1235d726530cc780f8e772e5260cd8659db9ef35a44941fd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
1d3235a81ec84087c5a3807080740fbc

SHA1
f0a1b395f164c77d4363d1f7a123ca6431f74486

SHA256
f125b371cf38dfbd55bbb7b7aa01b822c7138741f1cdb374c29fb06fc7d50b13

SHA512
bbff90677d0cd1886935c415a210631df153d8281143fbbca9f248c7f87885c0a88abf384c4e5e0f13bea693869dbbebb32e057d787873548fa0bcb4b7b596c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
cc1f7d20680a0e08dd4d6f8491154dde

SHA1
9207cbf086568b2f934515de5fbe9a1a8653860e

SHA256
86baaaa16aa13e0aabc57359e7a4d34e368d92d677f9c6b2597be548273dea00

SHA512
098477f4197861fdf69aa47163540df3e474c7f8eecc127f3846e2d69ae39dc5606f80d8895044dfa60b4ba36327f75e17a5e7a6bf5caa2a043deafa7468e728

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
714c4b15d3e9ceaf19519e8b6df2e284

SHA1
384bafdecb4d600acd3502c7b1cc5aff33f8204a

SHA256
6624dc2f1f1177bad15af7dcd886a2c915c959099746309321bb05a3a3d146ba

SHA512
bea1b3a7fa57248b2f767746a68446f03d80200110e0f833f46c252a794210f3178118aeb5dfd74b19619d2a8e56223182f5df81aa46cd49b4732c71d7e6e5e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f66867c964242f8bc8901216d5302570

SHA1
7bb55c5315410e9494194177aea9a11ef213f730

SHA256
62a09e5d6519837ac0e260c8979c0d030dc3039f359b5170e03d339795bc2b36

SHA512
515e8241cf83e63ecc1b6c374e77df01ec9ac1195c60832a22ef7a4901e49fe8f4714e89b2ada9589cb0844bfdd3d7b59dc9f9925655542c284c09cd3e327ee7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9feb03fe4f0bb6432df3ca3290bb9787

SHA1
7e4744708344a7b66eb3bddb562792f5df6fc832

SHA256
d7037145a1bc2bc367af11e4d0d53ab240a542b84dffbc5337f0327f9b390f0e

SHA512
f6869d809e4deb9352ef7ebb6feb554206d6b34702626ec3b4054fd2118489ffcfa4dc08fe934179c6dab83ea6cbc003e3ef4d52181a94a7f230c655eebe0a9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
577693fc2d6d3c663fb4f8fbc991e3ea

SHA1
405abb5380f67ca47cc147f9392e861caea5d458

SHA256
611bcaf61e65c4eae44f4aa28e2f03756c629e59be9f922824e0d75e0ee55557

SHA512
3c8c0ecd57f2503d8be542597197aa6c613604c0cbc73a5497917b62039028bc437d3543f01f99fb2ee23ad6c6330e837c7d599aee8b24be62d2239ad39233e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
1c002ae4a3ce26368aa2e22634e28ebf

SHA1
aa250d68ff9b58dd8d1d74f884c54b44e881eaef

SHA256
897c176ffd0b19637fbf3ae8edcd4763e25f65cf2521e28d52496a06187065dc

SHA512
87522adc9ad51f8164950c838e5190df7fcb5271395006afc4d543b8eae8d61fc5ecd1a173ea83889284eebcfe2425e8046dcd871d6069cc149325f50ff5be66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
705B

MD5
3dc54f28e3d43947876bcc1e8d79689a

SHA1
ea5aa7e8f5c3b6701a83a78cd961040a1e14a746

SHA256
9b46abb2109d1ef77c8df5560b2493e6c6f539fedd1b5c8d37deee77b7bf7a51

SHA512
98e0a2c33807fed8c93087fa3cec09f84ada9cf467ddcadccf787d65d4e6a1d6db87a3ad75badad152d0ad826ad318281e20076f40aa4663f3e83f8376a22a41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5ae78c3e8ff75da0c76e239a911c70e5

SHA1
68e8b31e6c7974190ee95a2038718d9c352071de

SHA256
5b175854e96c4dfd1c7e7b157fad491b8c78ae6dd72ede444fc6d235128cd905

SHA512
6d85f4cae8012100a4ec0cac24177e2aa96a8e60b3b457571ead392da4831144bec2d47f998497e2e150341c4d45a382a06c514ace172d4fb157edaec02edff7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5b5359b1f304892337c49a7b06f6cd21

SHA1
f686b38d2f9973a408697dd83313d8367da6ee8e

SHA256
08a04d07c7b56032d3947b3efe7e1fba532d1782e7e3c94036fda8b2022c5bb3

SHA512
35fb35662ba3f04e33ecd9a21428b6abfc13350f67fe1f57b41b71cf5e94f6bd538d5f48bddd77baeb7284d8a04101397438903ce8117a1120d96fd974c7114f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
921a487de959b0a2715aa0a8700616db

SHA1
789b5ccb5224ec367e5c6843b0ee741c11859836

SHA256
17614f74f423f1eb07800ebcd6835fe6b768d3a74769714100565ee224da20f2

SHA512
fb8aee4ad9501b5d5afe091cd42c43bc1dbd3c55002a3095d968f2221e7d995d2766d2b4e16fa3a49a5fd4c1e9c9fc6f28d023c15563d41359a62722f9e7b1d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c2c05f5e4aa9860aea4f0f1633bbc4f9

SHA1
57b2133bf94d00e86bba86c0edeb2c120a0d182b

SHA256
073ee4f8341d9945eba848215ab8ff4ae185647e7dbb5b928263feef344ebe48

SHA512
9ffa539bc932b9e213d25db9d24bf3482371e3e12fb508bd54aa5e73e91c92a80df1c2bbc0d2877594daed19b27bec695f29ac36eeca80481ae32e17210a2315

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
eb0f80da3ea17ab53258ba8a63fe2389

SHA1
8a75c5e71356a789611966d1235b2446af1efbd5

SHA256
87ec9073b0b8e4dc4c10ad015251e90675df7f17027a7cc035959fe28fce9832

SHA512
b75a505d1c159faecbf6d9f15050bbc969d4f6d51b884a7db13fca9d562617fb0433e60d9ed642ce9157dfa92db61f7a169aa89ee544bbbb8921be4a2bc44bfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
678d07cdc2cf005fc7895ad7b3df5fd5

SHA1
a87981b5d81ff981a4c49fd974dccee5933e5450

SHA256
a7702948dc2753abdf2fbecbae9116f17097c4fcc356153e525937362fc132c1

SHA512
346f233ac40f01417e950ca31352e2de42cb70597edfe8c48d192242211c85d3848b3ee68a0035c99d791c91f977db2c9ed60b21ad14141f649beccad6e73a6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
21bff7851d247083c44817a8106208da

SHA1
a13db75197b16db168d94ab06d31aedc6e3258da

SHA256
6702ed09fd59d42ad793444b18eaefd7631950392ffcfd9bed5da570c8b0505a

SHA512
aa3bef4ab0cfc3682be2e7924d595f52d09a2085caa2af401ba161c8eb12959a3c25ba5552cc2fcc64b0b86a87dd0277efb3c7685e6ec4a1b8c3edb48e375c25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8e12667854374b7554f07e623b75a8a3

SHA1
2a7513c80e67d44244a278898e3f24eac6e8904b

SHA256
54d58f0091c184f896439cf9484e1044acc075ff0914492bd7983933b25863b0

SHA512
073e68f3dcf152565b3eb1f92eadb46720e21abda5129d8859ce0e99332e712b380119c521bdb58c41e8d258f3d45adaf9854f88fadf296d89071f26d87f4bb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
942e8e75fd84e00fc20d0ec1709e5d4b

SHA1
8a5bfbce7d933adc22ee68459b899479b1d37a11

SHA256
f673aeb47bbc845b272bf906b4a22c02a8be56332fb47ac8733bb99ccf5cb056

SHA512
508552dec5a3942d30c732e5d2787451b9de0f050e241c01d8c962f82651479c6610b8c6325b62a5a1fcfb8d8d038a308c42b374f012c87261264507779dde22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a7163943ae3635f5ab563bb5ac0a8174

SHA1
55cd600fc5f78566550d1f182eac2367322c4304

SHA256
a80386976e37dfa088f6863fed67bd1ee3add10d9be9b313bb124f34d76393bb

SHA512
7353793cd2381bd614c61e7b5d1ee4ac4de5c9eebed8333e50f2fde539c9944a45ab9ec6d78847508e9fcc0e473dc9cfd970684426d2ebe6569f57ac1f369edd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a7c31808ee9fba8d1323efb16de0dde5

SHA1
c9a09aefdc0820affabf7b0e25aea3265afd2314

SHA256
53884a084f8a00f152563b4764d2d10e1068892ca2c4d6267a02044b210a6e6c

SHA512
668a24686f9b52281c40675ec1c3825d49f0f6ed4d68e2830c1fcfdf34c0268e11da5d90c53382d87f9815f59e770836df84328d1fa3f2f8b912006dd5c2b6d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
9ec53de01b1957f2597d68cc8b430349

SHA1
85ff7891ad96ec6fe89ffc90bd2a5bfd78416460

SHA256
964979524815f2c211c66075ba009ee34dabdbcac94b02ea792d64a6803799d6

SHA512
ddffe59c15eca82291ea7977d2454601a3aee9bd2e4c51cf645c79b795ba127d0aef9e816560ae320c4e525f65796ceb1fd665f663d1d09e09bd79b25c16b7ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
cc5f01e4ae8a9dcf3e023b05c9b429a4

SHA1
6e7a603085d0e84806133ae2b61de3048bc38645

SHA256
f93252cef93d96512b5120dd613a3851e5e82af1de2034597cdfd53ef67f8022

SHA512
0d3fd042b4ef3d79ae32a384987de2bda9c2fe2f03ea76cd23be5e6c4fd46c77c2a3ec7a193675a255915fa0c271bed113e7f643786aac7b56dcee068b69261f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe596519.TMP

Filesize
120B

MD5
39d880ff03bbd8ba2c394a8a5667f578

SHA1
8cfce17c6b583909a83ada7bdeeb977eaa935ec8

SHA256
71664dbc510587bf72c478473a3e4364cad5cb19c2917957901c02c32bab5a05

SHA512
a2c4d29f62f65b6cdb182eee88929cddc9537056e96997b004377188a20fca486d3a9f8516467d2943425ad337581071e87ba5e3de41adc4f85f97dfa861fcd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
a07b44639aa657840d71900e5ba48f7b

SHA1
29445001356b92b7c069360dc698c39bb111af47

SHA256
68196b09e084f6e9acaa4a2875f8044429bbf736e2db5bdec51c8c365f868db7

SHA512
7755613dcf8340f187e14c17f7b0980c1cfcb54d94ab03b6d913dc3ff4d76ae8bd065976452b8d5a813ebd8a9c9b6d30c9ede2362887410846b88d5083300d7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
814c75983d449bc948987ffd54cc5262

SHA1
8209ce08d476e55d8c46fde213bc945b1dcb489a

SHA256
0fac1a5b39fb4ff0a850fda561d967445fd30aed17b6c033ee19dd4977edb0c1

SHA512
ef34c78e730882f5c173e7cee49f5fc20d8ad481579cb6e636d3e398cb98e2e81bf24daa3634acb95187ae2f5aaa25c9d88beea4adf5ba4e89f39d4da67eb38a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
6fbddd4bb68b6d37f32db769290a617a

SHA1
78e224e283b6b0ce38d53d8543fb0d8224f16d39

SHA256
e52b6f336412000a8ba1b0432181e3fe6d13f43e326db9ba55647437b815d3d7

SHA512
e52be8ff5fdfd5526bc8eec3aece7129aa82afe64ae40e1caad4308df763604d1e7f22da14fcb8b0a67818bc5b573c2459426102e7670b31ea55a172f25d3aa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
c2d408bbcb005b42c38411814624d55c

SHA1
91afcd1df62a78dfe71436cdccf205dd62256b31

SHA256
38fae219f2ab971401d1443382ee8027ebd3cc1801f2c8951967ef9f5cd5f8eb

SHA512
922368eeb5b7ee224387c36ce4a58aeefdaaedc50d8bd4104df0be6c61b5ce9d18baddc3a7f8be18c5ea9ce31f6c1c44a7866b055dd58b7f364bea422516fee6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
8e5d8359b7276fafdcf9b04bf4631a8e

SHA1
35baab1e94c73e99e62dd7a5b4ce5d2bd30f34bf

SHA256
bc8fce59d2a81141332a1dcc38313b5e50791982442672b42cdb1024cbc46780

SHA512
17f751e8c0f75a74b3c5cbd8e465f88c272f2fdd05fc31cfd9bb19af7146b9ad4a5f830262498eba9a03e8f8186f399975bdb4aef5bf647b0105aef9908d6656

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
225KB

MD5
7560c03fa502c686940b10c645e7e54c

SHA1
b250ea50389a2c97bdb15052784ffaa301c6c5fe

SHA256
9de8b845d688a6534576c7cb923f96b0edf1b141ae0f3aaa7e826b6cb9c3196b

SHA512
69729ea9f91f920eebdecf848fc4d444d589c8d6b476155b440f4a5fb54bcf7d78577b518e91f595b2817bdd128197ec737bba8e28474707ee58d0bb6382ef85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
51f55cb6e58acb9ffe2a905c9aea1f78

SHA1
7c2b07f1441adb62c3ec89f037f4810f941f03fc

SHA256
419b6be3109461d8cd23c36c03b4fb2451fa4e2e84f2093104c207fe20d0aca6

SHA512
cec644a6e99ec14b85e4173d1eb68522c8a20f04ed8f4493e83792339a28d62dd2d231854a17b94cf40e956a99da994874e0ff1c89ce9961a4bc2c0116cf7459

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
119KB

MD5
0c7f7d3e3deaa73e3880ffe4c9bcfce2

SHA1
62bbb5f8b17a7f15b6b39838b54178ea7981125d

SHA256
471fb42f0790393837c8037ac97966ebc2f51c86050f3f6a496156a7f95a8e98

SHA512
444e0c8ba05124337c6a2fb6aee71a0a19d1b3a93bea54d5ab1ca81d7b04f14c6898fd912f1215e11a5b88a3b2f92a60aba698059290e919a7586436c658c63d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
113KB

MD5
9669d669c8a2572e386db7fe18d1cabf

SHA1
5f993e85de728ac8c99317af37ca644bde423b57

SHA256
ae6e88c00806d9e4980834bfb1808d9497a3119d615d4cd848016298e9ba7041

SHA512
59378c6df4c69c7339d99b653f89775747f9da7b9c06b5c29f7e6383bc4f44b1133c718407948d9cd7a6d52dd3c0ca3be6b540920493ce13500177eb042072ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
106KB

MD5
89ea87ccb8d0741ea88d0df61f558f92

SHA1
eda84c9179dffc875ca55a06eea8ad0bd38377fb

SHA256
b9508f9b67722bf6bcfd81313847343ac276c7e9ccf459e86fa7fcbd89960afd

SHA512
cc2bb0560513f6ebf14110f3aa31c628535f25ade74310186c77b24f9c910c1751faf72cc4f266242969b8c09f917bdd3ef057e9bb78b42f5a7af30388a367f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
116KB

MD5
fe800a91964c84f3757eadde61287411

SHA1
586ef7b1e3f3a15517a77c1f507dd4a1c077ae6b

SHA256
40e717975709de485f25f55af05836cf37c40b19a71984df799482117bfe75ff

SHA512
dc7f3e5e7befc926ebe801060ee0c4e2265c75d213b095d45516e9afc6b1d9a95fb34d9938c6e3a780e92a8116f751d5c2fe36eff876df8ea59100cc2822f3b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58847d.TMP

Filesize
101KB

MD5
45c919e9dace93d75615e4fa07df029e

SHA1
e321bd21f7eab3c49e81fbaa1a8e934efaaa6334

SHA256
3b5659bab7f95bd7c9f4285d6b95085673fb34900b12aa0eb6df98201ef57718

SHA512
2eb6b5311fe84afc8430c31d2350a35640507f3fb351b297764772c716e33e6b8646acf131a2bbb8d8f893751139d4647d5b7092857679a508b4036e3e971ecb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\HFIB581.tmp.html

Filesize
17KB

MD5
6c0e858ae7f12f1b2b3bbfa670bf22f9

SHA1
d91b6d53482757793b8d45bab869a12467e543a1

SHA256
c8c20f3e8030168b85b428c245ff150274e293739ea9a9a024481a1833fda273

SHA512
df315594d397a0542a7fadf0b3e38a93ecb3baad5178cc875e9971e5c25ac3d784418de846df2c9e71a76e06bcfe94682415a1e08b5304f389878e7b17352908

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 331243.crdownload

Filesize
24.1MB

MD5
35431d059197b67227cd12f841733539

SHA1
ae97f1e35c50a3c1b7b231995ad547828e71fe4c

SHA256
296f96cd102250636bcd23ab6e6cf70935337b1bbb3507fe8521d8d9cfaa932f

SHA512
dfc0a9bd4151cbb9407a1234e6c892b65d3db35f1a95684547fc0f5334a9b3d19efe88d5f2661d7b4a372489334098629ffb2c433d4128772c3b021ed259424e

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 347821.crdownload

Filesize
1.8MB

MD5
3701dc535fb395d6a1fb557a3aeec5e9

SHA1
ef517659229ddc6ecfc02481c3953ac9322dae35

SHA256
ec6df713446a8dd5efb376fbb7b444ed7e09f5cdd98c0494999b64af2e2d5537

SHA512
20dc14387138f913034bd2c265156dca1f36c128c040a99d6904fe6f1830d2f98afb3dcf0553817adb66e480be7d0fb0d7df58f0feb9b007a5a6bab648b081a2

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 466289.crdownload

Filesize
13.1MB

MD5
dd0232ee751164eaad2fe0de7158d77d

SHA1
7391663f07cba7c99f3503929fcd3561f1f6a552

SHA256
4c6c420cf4cbf2c9c9ed476e96580ae92a97b2822c21329a2e49e8439ac5ad30

SHA512
cc82a7a8ead3c036559109d4daee623622edd4b4b5241545efa0e36d906c1af10d4056ad003f8849475f4e1e625eb9f27de7a9e13b28ac7ab88da99d5f926c2e

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 890663.crdownload

Filesize
1.3MB

MD5
b3844d880d71de6d787190d2e378101b

SHA1
0e1ec7c7e9e2c7678db5548de80fc5c57f97dde2

SHA256
151b1c11f625e7122d517b6a1778841df8ff168d931c41730f59b9e4b8bcbe36

SHA512
99b1d7f9264e7d5aea7b01b69ef541065030055a37cfd76f9846b3cc84fd6f2bab612042d68ddf992bda41553c493fb45830699ba5f56ab0aee200cc539cc5d8

Download Submit
C:\Users\Admin\Downloads\VC_redist.x64.exe

Filesize
24.1MB

MD5
35431d059197b67227cd12f841733539

SHA1
ae97f1e35c50a3c1b7b231995ad547828e71fe4c

SHA256
296f96cd102250636bcd23ab6e6cf70935337b1bbb3507fe8521d8d9cfaa932f

SHA512
dfc0a9bd4151cbb9407a1234e6c892b65d3db35f1a95684547fc0f5334a9b3d19efe88d5f2661d7b4a372489334098629ffb2c433d4128772c3b021ed259424e

Download Submit
C:\Users\Admin\Downloads\VC_redist.x64.exe

Filesize
24.1MB

MD5
35431d059197b67227cd12f841733539

SHA1
ae97f1e35c50a3c1b7b231995ad547828e71fe4c

SHA256
296f96cd102250636bcd23ab6e6cf70935337b1bbb3507fe8521d8d9cfaa932f

SHA512
dfc0a9bd4151cbb9407a1234e6c892b65d3db35f1a95684547fc0f5334a9b3d19efe88d5f2661d7b4a372489334098629ffb2c433d4128772c3b021ed259424e

Download Submit
C:\Users\Admin\Downloads\VC_redist.x86.exe

Filesize
13.1MB

MD5
dd0232ee751164eaad2fe0de7158d77d

SHA1
7391663f07cba7c99f3503929fcd3561f1f6a552

SHA256
4c6c420cf4cbf2c9c9ed476e96580ae92a97b2822c21329a2e49e8439ac5ad30

SHA512
cc82a7a8ead3c036559109d4daee623622edd4b4b5241545efa0e36d906c1af10d4056ad003f8849475f4e1e625eb9f27de7a9e13b28ac7ab88da99d5f926c2e

Download Submit
C:\Users\Admin\Downloads\VC_redist.x86.exe

Filesize
13.1MB

MD5
dd0232ee751164eaad2fe0de7158d77d

SHA1
7391663f07cba7c99f3503929fcd3561f1f6a552

SHA256
4c6c420cf4cbf2c9c9ed476e96580ae92a97b2822c21329a2e49e8439ac5ad30

SHA512
cc82a7a8ead3c036559109d4daee623622edd4b4b5241545efa0e36d906c1af10d4056ad003f8849475f4e1e625eb9f27de7a9e13b28ac7ab88da99d5f926c2e

Download Submit
C:\Users\Admin\Downloads\ndp472-kb4054531-web.exe

Filesize
1.3MB

MD5
b3844d880d71de6d787190d2e378101b

SHA1
0e1ec7c7e9e2c7678db5548de80fc5c57f97dde2

SHA256
151b1c11f625e7122d517b6a1778841df8ff168d931c41730f59b9e4b8bcbe36

SHA512
99b1d7f9264e7d5aea7b01b69ef541065030055a37cfd76f9846b3cc84fd6f2bab612042d68ddf992bda41553c493fb45830699ba5f56ab0aee200cc539cc5d8

Download Submit
C:\Users\Admin\Downloads\ndp472-kb4054531-web.exe

Filesize
1.3MB

MD5
b3844d880d71de6d787190d2e378101b

SHA1
0e1ec7c7e9e2c7678db5548de80fc5c57f97dde2

SHA256
151b1c11f625e7122d517b6a1778841df8ff168d931c41730f59b9e4b8bcbe36

SHA512
99b1d7f9264e7d5aea7b01b69ef541065030055a37cfd76f9846b3cc84fd6f2bab612042d68ddf992bda41553c493fb45830699ba5f56ab0aee200cc539cc5d8

Download Submit
C:\Windows\Temp\{04817EE8-A5EC-4C9E-9665-FC08A4AA90B8}\.ba\logo.png

Filesize
1KB

MD5
d6bd210f227442b3362493d046cea233

SHA1
ff286ac8370fc655aea0ef35e9cf0bfcb6d698de

SHA256
335a256d4779ec5dcf283d007fb56fd8211bbcaf47dcd70fe60ded6a112744ef

SHA512
464aaab9e08de610ad34b97d4076e92dc04c2cdc6669f60bfc50f0f9ce5d71c31b8943bd84cee1a04fb9ab5bbed3442bd41d9cb21a0dd170ea97c463e1ce2b5b

Download Submit
C:\Windows\Temp\{04817EE8-A5EC-4C9E-9665-FC08A4AA90B8}\.ba\wixstdba.dll

Filesize
191KB

MD5
eab9caf4277829abdf6223ec1efa0edd

SHA1
74862ecf349a9bedd32699f2a7a4e00b4727543d

SHA256
a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041

SHA512
45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

Download Submit
C:\Windows\Temp\{33697164-46C9-46AB-927A-E474D97C2AEB}\.ba\wixstdba.dll

Filesize
191KB

MD5
eab9caf4277829abdf6223ec1efa0edd

SHA1
74862ecf349a9bedd32699f2a7a4e00b4727543d

SHA256
a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041

SHA512
45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

Download Submit
C:\Windows\Temp\{33697164-46C9-46AB-927A-E474D97C2AEB}\.ba\wixstdba.dll

Filesize
191KB

MD5
eab9caf4277829abdf6223ec1efa0edd

SHA1
74862ecf349a9bedd32699f2a7a4e00b4727543d

SHA256
a4efbdb2ce55788ffe92a244cb775efd475526ef5b61ad78de2bcdfaddac7041

SHA512
45b15ade68e0a90ea7300aeb6dca9bc9e347a63dba5ce72a635957564d1bdf0b1584a5e34191916498850fc7b3b7ecfbcbfcb246b39dbf59d47f66bc825c6fd2

Download Submit
C:\Windows\Temp\{74760D4E-F01E-45BE-A2A6-1764EDD95ED3}\.cr\VC_redist.x86.exe

Filesize
632KB

MD5
29c7a21bae42889b08137c25aae8e55c

SHA1
d5cd79ca094c60f64ef7d9069e24270cee24b4ea

SHA256
82612a2fa05d62929833052ce76788b98701f0c19dca313923452afec44edec5

SHA512
484ecdda526b95d0fd062a2b24be537dd6c5a5945441de250cbe2419b98041625505fa51202735cb6054db444dc1f4bbf0b0e51588500ab89d54d7addca5e2d6

Download Submit
C:\Windows\Temp\{74760D4E-F01E-45BE-A2A6-1764EDD95ED3}\.cr\VC_redist.x86.exe

Filesize
632KB

MD5
29c7a21bae42889b08137c25aae8e55c

SHA1
d5cd79ca094c60f64ef7d9069e24270cee24b4ea

SHA256
82612a2fa05d62929833052ce76788b98701f0c19dca313923452afec44edec5

SHA512
484ecdda526b95d0fd062a2b24be537dd6c5a5945441de250cbe2419b98041625505fa51202735cb6054db444dc1f4bbf0b0e51588500ab89d54d7addca5e2d6

Download Submit
C:\Windows\Temp\{99A23355-64FE-49D6-8A22-CB0BBC09B2A9}\.cr\VC_redist.x64.exe

Filesize
634KB

MD5
24323f69876bda1b9909a0d0d6b981ba

SHA1
75761d5303828e5cdeb9a3ba0bd9ebaedb56e9b0

SHA256
7b1b012d525323f4e6c2e3b53e9f55bda9d01d8761a86f03317e46d4f28ae808

SHA512
01ed192274bd3559df05adb8de057a6d26bc77376c0fbc2d7ab8a8306620e8515cfbffabd2289417f3513982bbf2b7ed68897c649f14848858690985c9b262c3

Download Submit
C:\Windows\Temp\{99A23355-64FE-49D6-8A22-CB0BBC09B2A9}\.cr\VC_redist.x64.exe

Filesize
634KB

MD5
24323f69876bda1b9909a0d0d6b981ba

SHA1
75761d5303828e5cdeb9a3ba0bd9ebaedb56e9b0

SHA256
7b1b012d525323f4e6c2e3b53e9f55bda9d01d8761a86f03317e46d4f28ae808

SHA512
01ed192274bd3559df05adb8de057a6d26bc77376c0fbc2d7ab8a8306620e8515cfbffabd2289417f3513982bbf2b7ed68897c649f14848858690985c9b262c3

Download Submit
F:\726f03916f824cd60b7919\1025\LocalizedData.xml

Filesize
80KB

MD5
bd97655af30131b0d8387bab5f20e68d

SHA1
cb42103aea4de739573dacf49ebb527b00dc3e55

SHA256
bfca8cdb158986f6a333ece89daa3081a6a81f89ea868a697113a19121c14f7e

SHA512
c365faed844bb2d750acea77b308df2a9a8b94e2270ce2b75d17b4356262d0d65a4489bc55705a45c4b1bc28bd0cc2b2c1e167a43d3c7321f3e758f128ea7651

Download Submit
F:\726f03916f824cd60b7919\1028\LocalizedData.xml

Filesize
69KB

MD5
5727d5160e0fb5d661eb4e6720430d1b

SHA1
b3b6ba3fda17ca68a20675ae06b3c56d576274b4

SHA256
0ad12bf18aa4fcc557ab9422ebef07ab0b8369395bcf695f0915ea99c689f99f

SHA512
7f0314a621137e4076f4ea22e82a6845912fae3b002ba4455952c683e6be89e5a3de4a7cd8f4df2a360247923ca472a53619a2d3635cdcfc1c66e03e7aac2a31

Download Submit
F:\726f03916f824cd60b7919\1029\LocalizedData.xml

Filesize
85KB

MD5
eae0498ea94f2a7e7982ee773d10d3a5

SHA1
f0bc4a900f0eefd362760b77b7cc1829ac0bb93e

SHA256
309dac84e7aef6b4cca2cd7b1eeef8a30bd910373724ca56e8764fa3b420aa79

SHA512
978b97cb7c8274ed73063c1f9a9bce4d9c0fd9c186de67d2ce3b03d33dd88487b6f480eea481fe9c3687c3008a5403b85a16ba57072ac03baee1ffe1c14fb6e7

Download Submit
F:\726f03916f824cd60b7919\1030\LocalizedData.xml

Filesize
83KB

MD5
c805fa6fd2e634ecd0083074194b3899

SHA1
079f0dc73703b987447cf3ddc1e4761047aeb605

SHA256
2b563a3837a23214d290f11b6acb6836ed065bc17c8965108b385ea3ac91922f

SHA512
ff5e3813a4769e6962c363dc64f251724df98be94b195c805cb8854717d3e633fa2c9ae160c55ee6e3872699e692a6ff8b58d2b8de36579f30edcf324c798e8f

Download Submit
F:\726f03916f824cd60b7919\1031\LocalizedData.xml

Filesize
88KB

MD5
4ce791c97f9a6abae6de28487cbdf24c

SHA1
cb85c4b052eae862a55d0b8bf8f2c57e3412c0a0

SHA256
8e878d95152714e1b77c1c7cb8538501c732e06615bb614d3cd71d0b147beaa4

SHA512
4333de904e66d1ff795d8905a21b8c06830635de4bc25ecd3eb94aef7923937b67d5ff464b2e92249a3c5d61bf19ebae7868c9f5435544bd5c3e80fa925e7e4e

Download Submit
F:\726f03916f824cd60b7919\1032\LocalizedData.xml

Filesize
90KB

MD5
b15beae6eebd44f084681316217c35fd

SHA1
ff93f038e65b85a68b4887f88eb792db1d6fc1ce

SHA256
c00d4950f2497d3de235b7d82a8bb737d17eb789551b2fbe8be822ac59d7db8b

SHA512
9af03bb58e5d6bf1a62c4fd1e86c4809b97b0f10929c6b7bdd5048afd29c8b21755ed73587dc4380dbd0a8302a9873bd0540553feff40a01fa8196a89c074b36

Download Submit
F:\726f03916f824cd60b7919\1033\LocalizedData.xml

Filesize
83KB

MD5
f68f5e6d0ab12908f1d6451ea4b16d61

SHA1
f51ef1ccb08cfdab32c0ceacf5369c353eb036d5

SHA256
65471fdc2a95dd77759ad629bc57db6f4caf039d43d4e756053c30a7d5ff03c9

SHA512
7a64114083903522d319237063d05b619fdc3d4ce9945dd3124773b9f6a57b848007b77f55bcba5f29001c9f4d02ee68f35440c37e8326e96559bae485c0b4c3

Download Submit
F:\726f03916f824cd60b7919\DHTMLHeader.html

Filesize
15KB

MD5
cd131d41791a543cc6f6ed1ea5bd257c

SHA1
f42a2708a0b42a13530d26515274d1fcdbfe8490

SHA256
e139af8858fe90127095ac1c4685bcd849437ef0df7c416033554703f5d864bb

SHA512
a6ee9af8f8c2c7acd58dd3c42b8d70c55202b382ffc5a93772af7bf7d7740c1162bb6d38a4307b1802294a18eb52032d410e128072af7d4f9d54f415be020c9a

Download Submit
F:\726f03916f824cd60b7919\ParameterInfo.xml

Filesize
2.6MB

MD5
3ac6a8f0fe4aa7fb0ffe21b548abacbb

SHA1
5e30d7d1057a9e8a8732ad67d672ca7a608657ef

SHA256
68d6fcfd5f2986206763e1b49b86997c94a51260e4f9c02b8037aa5cf3c03142

SHA512
e5bff3554f4dd149e7b1bc3f5eae5d234a7e22e69f3e0d210a67511cf85bb9ce4c3a787a91af89b9d5f2ec91be62719312921716baf29d1f81571b8b2a6e6834

Download Submit
F:\726f03916f824cd60b7919\Setup.exe

Filesize
80KB

MD5
486c8db1cdda2f6b5b78672449e036d8

SHA1
e7ea4d5e2a4662a001ca5eca1e2d05ac99a0af7b

SHA256
2743710bcfdad92faa7c9bd51f34ef1bd96c2adbf400541eda58086d5f607e82

SHA512
aa229b3745b6dd2c9254a6a7c59ac7c13abe878cd1b79381598dc3258697757b0ff336fd5d4583900818e5d9c4848283b1080262ba6d73f747b99c9f44648920

Download Submit
F:\726f03916f824cd60b7919\Setup.exe

Filesize
80KB

MD5
486c8db1cdda2f6b5b78672449e036d8

SHA1
e7ea4d5e2a4662a001ca5eca1e2d05ac99a0af7b

SHA256
2743710bcfdad92faa7c9bd51f34ef1bd96c2adbf400541eda58086d5f607e82

SHA512
aa229b3745b6dd2c9254a6a7c59ac7c13abe878cd1b79381598dc3258697757b0ff336fd5d4583900818e5d9c4848283b1080262ba6d73f747b99c9f44648920

Download Submit
F:\726f03916f824cd60b7919\SetupEngine.dll

Filesize
859KB

MD5
e896650dc081fc34a3af8782d85a7333

SHA1
a766e139d1aa23182b51ab146121da0b6b8873b7

SHA256
f6a9c05293f1bdc7182659af53e4a1335e9c3418de2968ce861e40eda79021e7

SHA512
78918a7975543bc461f449fc94571f96deb4b0ef1e6babd51a9d966f21035ec550e9fd21102e025425b9fa68e0cdeebe480e7b3fc3f3dd4300976b10cae3bbe1

Download Submit
F:\726f03916f824cd60b7919\SetupEngine.dll

Filesize
859KB

MD5
e896650dc081fc34a3af8782d85a7333

SHA1
a766e139d1aa23182b51ab146121da0b6b8873b7

SHA256
f6a9c05293f1bdc7182659af53e4a1335e9c3418de2968ce861e40eda79021e7

SHA512
78918a7975543bc461f449fc94571f96deb4b0ef1e6babd51a9d966f21035ec550e9fd21102e025425b9fa68e0cdeebe480e7b3fc3f3dd4300976b10cae3bbe1

Download Submit
F:\726f03916f824cd60b7919\SplashScreen.bmp

Filesize
117KB

MD5
bc32088bfaa1c76ba4b56639a2dec592

SHA1
84b47aa37bda0f4cd196bd5f4bd6926a594c5f82

SHA256
b05141dbc71669a7872a8e735e5e43a7f9713d4363b7a97543e1e05dcd7470a7

SHA512
4708015aa57f1225d928bfac08ed835d31fd7bdf2c0420979fd7d0311779d78c392412e8353a401c1aa1885568174f6b9a1e02b863095fa491b81780d99d0830

Download Submit
F:\726f03916f824cd60b7919\UiInfo.xml

Filesize
63KB

MD5
c99059acb88a8b651d7ab25e4047a52d

SHA1
45114125699fa472d54bc4c45c881667c117e5d4

SHA256
b879f9bc5b79349fa7b0bdbe63167be399c5278454c96773885bd70fbfe7c81d

SHA512
b23a7051f94d72d5a1a0914107e5c2be46c0ddee7ca510167065b55e2d1cb25f81927467370700b1cc7449348d152e9562566de501f3ea5673a2072248572e3b

Download Submit
F:\726f03916f824cd60b7919\sqmapi.dll

Filesize
223KB

MD5
0c0e41efeec8e4e78b43d7812857269a

SHA1
846033946013f959e29cd27ff3f0eaa17cb9e33f

SHA256
048d51885874d62952e150d69489bcfb643a5131ce8b70a49f10dfb34832702c

SHA512
e11da01852a92833c1632e121a2f2b6588b58f4f2166339a28dd02dad6af231a2260a7e5fc92e415d05aa65b71e8bbda065e82a2db49bb94b6cf2fe82b646c28

Download Submit
F:\726f03916f824cd60b7919\sqmapi.dll

Filesize
223KB

MD5
0c0e41efeec8e4e78b43d7812857269a

SHA1
846033946013f959e29cd27ff3f0eaa17cb9e33f

SHA256
048d51885874d62952e150d69489bcfb643a5131ce8b70a49f10dfb34832702c

SHA512
e11da01852a92833c1632e121a2f2b6588b58f4f2166339a28dd02dad6af231a2260a7e5fc92e415d05aa65b71e8bbda065e82a2db49bb94b6cf2fe82b646c28

Download Submit
memory/756-822-0x0000000002E70000-0x0000000002E71000-memory.dmp

Filesize
4KB

Download
memory/2572-1526-0x0000000004E30000-0x0000000004E40000-memory.dmp

Filesize
64KB

Download
memory/2572-1527-0x0000000007A40000-0x0000000007A48000-memory.dmp

Filesize
32KB

Download
memory/2572-1528-0x0000000008A80000-0x0000000008AB8000-memory.dmp

Filesize
224KB

Download
memory/2572-1529-0x0000000008A50000-0x0000000008A5E000-memory.dmp

Filesize
56KB

Download
memory/2572-1530-0x0000000004E30000-0x0000000004E40000-memory.dmp

Filesize
64KB

Download
memory/2572-1531-0x0000000004E30000-0x0000000004E40000-memory.dmp

Filesize
64KB

Download
memory/2572-1533-0x0000000004E30000-0x0000000004E40000-memory.dmp

Filesize
64KB

Download
memory/2572-1551-0x0000000004E30000-0x0000000004E40000-memory.dmp

Filesize
64KB

Download
memory/2572-1552-0x0000000004E30000-0x0000000004E40000-memory.dmp

Filesize
64KB

Download
memory/2572-1516-0x00000000000D0000-0x00000000002AA000-memory.dmp

Filesize
1.9MB

Download