Analysis Overview
Threat Level: Known bad
The file https://cloudflare-ipfs.com/ipfs/QmXwCy6FacCc2uHm7pAfvLDugmZ71gVP1LQFcucy4K1Jy2#Z3BlcmVkYUBzdXJjby5jb20udXk= was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-10-05 13:39
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Analysis: behavioral1
Detonation Overview
Submitted
2023-10-05 13:39
Reported
2023-10-05 13:49
Platform
win10v2004-20230915-en
Max time kernel
600s
Max time network
592s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133409867823582334" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cloudflare-ipfs.com/ipfs/QmXwCy6FacCc2uHm7pAfvLDugmZ71gVP1LQFcucy4K1Jy2#Z3BlcmVkYUBzdXJjby5jb20udXk=
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe45e89758,0x7ffe45e89768,0x7ffe45e89778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3076 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3912 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4972 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5676 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2572 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5964 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4724 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4772 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2832 --field-trial-handle=1888,i,10264439665561931070,18045692445999139780,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cloudflare-ipfs.com | udp |
| US | 104.17.64.14:443 | cloudflare-ipfs.com | tcp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.211.247.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.211.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.64.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | ik.imagekit.io | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 18.65.39.61:443 | ik.imagekit.io | tcp |
| US | 18.65.39.61:443 | ik.imagekit.io | tcp |
| US | 18.65.39.61:443 | ik.imagekit.io | tcp |
| US | 104.18.11.207:443 | maxcdn.bootstrapcdn.com | tcp |
| US | 104.17.64.14:443 | cloudflare-ipfs.com | udp |
| US | 8.8.8.8:53 | logo.clearbit.com | udp |
| US | 8.8.8.8:53 | www.surco.com.uy | udp |
| US | 18.239.36.32:443 | logo.clearbit.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| DE | 172.217.23.202:443 | content-autofill.googleapis.com | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.211.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.36.239.18.in-addr.arpa | udp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | 202.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 123.214.64.190.in-addr.arpa | udp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 23.46.68.105:443 | s7.addthis.com | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | 105.68.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | www.google.be | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| NL | 104.97.14.240:443 | snap.licdn.com | tcp |
| NL | 142.250.179.163:443 | www.google.be | tcp |
| NL | 157.240.247.8:443 | connect.facebook.net | tcp |
| DE | 172.217.23.202:443 | content-autofill.googleapis.com | udp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | 196.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.14.97.104.in-addr.arpa | udp |
| NL | 157.240.247.8:443 | connect.facebook.net | udp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | cdn.linkedin.oribi.io | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 18.239.69.111:443 | cdn.linkedin.oribi.io | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| US | 8.8.8.8:53 | 111.69.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.3.197.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.surco.com.uy | udp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| UY | 190.64.214.123:443 | www.surco.com.uy | tcp |
| US | 104.18.11.207:443 | maxcdn.bootstrapcdn.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.35:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| US | 8.8.8.8:53 | afhealthcare.com.ng | udp |
| DE | 94.136.168.110:443 | afhealthcare.com.ng | tcp |
| GB | 142.250.200.35:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 110.168.136.94.in-addr.arpa | udp |
| DE | 94.136.168.110:443 | afhealthcare.com.ng | udp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
Files
\??\pipe\crashpad_1168_BEKSKJKMLHNSIEFT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1cffc6d53ff719a25765f20354971897 |
| SHA1 | 4387a7a5ea2e4946f4534ece9b77774a368face6 |
| SHA256 | 4350d7a4eff43a1781165c670f989e9bf25bd08256a136265c095e48d6e3a874 |
| SHA512 | bdfd2136f32f52adf881a7499e607110b6f4d813cbcd88aaf1071161c7c271430bdd19385df8021f5fd857f22e2adb4b7d934b2103e105558e79c6d914778105 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2be8681dc7b9bb96ab7122196fbec09c |
| SHA1 | 78ab4ee8b8f1999d63cc3e537aadd61a2baf9f75 |
| SHA256 | 2bb2b27dbe6081dc069fb929c39ccc12092bec5305f300cad28dbace92353fbe |
| SHA512 | 1a6fe3993cb54f3fbe5a3e476b997a87ca3a9d277b66156892177b3150691200925e3c4aac908fbbca66b42799fc55dbe73f168252ae281f753ff76e6637bd77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | de41bc8c0b8e8ebca7934242f91f5a2b |
| SHA1 | 131300f76fc533dc8d98a245d493c6c33bf3a24b |
| SHA256 | 094f493058e64949f68beef30e68f437b90d57f2ba4b563378413581f3c2d08f |
| SHA512 | 1711fec735d5efc046b69dc6df190a02fbbdbda8819f64897e31d97af20f29bebf96a47180a6b8affc9ce8ee598742fc26e31cd898de60b09a4b457d0dc428b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0b86c384-a595-4d01-a10b-a7bafc3e08b1.tmp
| MD5 | 64bb69503e8e78cbe762a2ad20c96390 |
| SHA1 | aeb6615cdf02117ad08d3daef45de69c1b378cfa |
| SHA256 | f3658d2ffd97e409d80d6e8a60731a039ccbc5b3e1abcd4522f8e2318daf7a79 |
| SHA512 | da6feb285255f10b827852361ac5ff447988dd9388836c37e5ed4483d1a4a3bc14215ec312247b252a299ededf9745ca52423f1c68e1705c462524bfaae98906 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 07e70d598c44b6e1ed584f7d7f2e9f63 |
| SHA1 | 96a07b95cf0fb7206294730589b7b8137549a8ac |
| SHA256 | a6c46641909459e7332e471460f86f1fd0ab37a115a38d17fb3e0be02bbe6e1d |
| SHA512 | c537a04b237f30ecfac07e47d2b78f476dd9613c6f7c5dacebd4b08a864818dfc71189f0f6db0cfa668606823e6e01545ba0af72214308b48c441cb30cb8f236 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | f5bfdeac332f87c28f6da6961dbdf303 |
| SHA1 | 4eaf108730053249aa4070dcf9ad8587db0f1f64 |
| SHA256 | b8429a66dec9438e3eef253f938411051f0b6584748d8bbbc621181e67da3508 |
| SHA512 | 3ea8d49448e11435f0f442854a6e080fb86087874098adb26b55b444d840542715654d5430ab7537b305c5b3571e75457032e768523371c4a7c914ee25094fbc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe585a12.TMP
| MD5 | dcae052939e874d1f5ca17b9730aa8f2 |
| SHA1 | 42740f716b5d05f60eb698e8ea21dbbb087e8623 |
| SHA256 | f398efb44a8792ab80ae0e5b5af0d722687763d8e5aca3a79f479592e66bc0ff |
| SHA512 | 6121696188c49187dfa51ab423fbf29110ad96df1143ecf8c96635832dfe1bcfc42c5aa276056b3fbb9c27f50f66c7aa8c6dcc0daaafc4131cf085921107eb21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8eb1df508d6d51db1521ef33734509fe |
| SHA1 | be7a0cf1ddd89cf82912737803e375504971b777 |
| SHA256 | 56adbc8ff1dde2bb99e9e8e2e73087ade05d22c9e7b429025a4b7fef9a83d2da |
| SHA512 | 3910841e49e3068a38469c6871f97e6710a3fb76e3374949965b98746e5e2fe919061ff93b04cd1405fa209aaf65741959e85b1115031d318e63c9e0c610bc5e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | eb9138f88c297c20037f1f5cd1a9d08c |
| SHA1 | 3a187e67579d74656c5544633828ddda691e9a7f |
| SHA256 | cf706b63fd305b6841b8e4ed7da0648d9c84132c2b0c7fe9113345de5eac52cd |
| SHA512 | d516b52d875bd32892cbca5980c4e1e7ffdd57f6037e6b2a1125d7fbe84e5e8fa8a903478bf2868970c88e37f4460034b1f78d7c9ace0fb0a4c050ff5df77427 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e127ad675a0dc7372b59440755f58f16 |
| SHA1 | eba5e2364e315c0428dd0e355158c0317e631590 |
| SHA256 | c739b4c1f75484f69a00134c69c014369849f60737b5a93be26fef7ec04effcd |
| SHA512 | 2ce68742e0503880b8ed9d4e9a34c7d33a47d8347d5fe2f9315ac295372459f8db6710e8bd3a7a3a0a34d0bdef7bc56f9245ca3c903255d41282c051a45a8855 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bea8f6a881f592139f11d99115baa24b |
| SHA1 | 8a039ae21c787dfb481e1449b126a69c9f02a369 |
| SHA256 | a3fb3ea93f43126d802371ad1a76b26330e0bbdcd384972c335f74e56a92d901 |
| SHA512 | 16c47df512fafe9c4afa200df44ea7a0ff7b638ef896946bcc4ae149645466855a96f950aab6db0faab8689af475b3b4f6ba201a6e12d05330abcb1ba030f022 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3c306c90580dc7fda2884a1031e39843 |
| SHA1 | e0f84ca2ba434c73e74dba41b5ba3d9967b96f62 |
| SHA256 | 40d912f53dcc271cd65feb5d39ddedc2048dd753d2ddaf1677cee91e4320bcf2 |
| SHA512 | fe3420ac7759780df778aa3c785edef8f5bd3a23b84ed73d9d3dd63d426c36091f380276c9dbcfd938718979bc3361571e7be2e76dc24ea27d81ee81e5afc635 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e4da48d175ef7f618324ba760f92d106 |
| SHA1 | 29dd28a6c6b6b1a7492d9716d977d848e1104e96 |
| SHA256 | 335d4884a3722ffd83be591388a1c1a169e48dd6aa30f4cdfadfb3823993d755 |
| SHA512 | 4f4b4bc9a03eb76ca6ed3e54d1d03f5e62bda2ae56a8184ae6bd5e0031a9dc2444c11c082acd4d24fcbea00300da600b03e49b727c297105a873735b9690d072 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 020ab3fba0133d9aa06c7ab1c4d0c84d |
| SHA1 | 07056f52293259b2863eed3c4adda5d00f741c69 |
| SHA256 | 384070d20fb04c070605ec737d6dbe822ca70abd72236cb5d309b111f74265c3 |
| SHA512 | 7dd37b77bd746a17763fc27710ce6ca637c8b613d90754f3a011c7d1f762a96f35ec2a961556311ab8edeed47a3658f15099f2c7132c57e8955f6ec5c82a8706 |