hxxp://a[.]directfiledl[.]com/getfile?id=39264

Analysis

max time kernel
117s
max time network
114s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
07/10/2023, 17:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://a.directfiledl.com/getfile?id=39264

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133411729328890768"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-919254492-3979293997-764407192-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
4772	chrome.exe
4772	chrome.exe
4784	Vega X.exe
4784	Vega X.exe
4784	Vega X.exe
4784	Vega X.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe
Token: SeShutdownPrivilege	864	chrome.exe
Token: SeCreatePagefilePrivilege	864	chrome.exe

Suspicious use of FindShellTrayWindow 62 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4784	Vega X.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
864	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 864 wrote to memory of 1676	864	chrome.exe	47
PID 864 wrote to memory of 1676	864	chrome.exe	47
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 428	864	chrome.exe	87
PID 864 wrote to memory of 232	864	chrome.exe	88
PID 864 wrote to memory of 232	864	chrome.exe	88
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89
PID 864 wrote to memory of 4756	864	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://a.directfiledl.com/getfile?id=39264
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd30459758,0x7ffd30459768,0x7ffd30459778
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:2
  2⤵
  PID:428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:8
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:8
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2880 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2872 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:8
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:8
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5340 --field-trial-handle=1900,i,15985387554345563635,3647381007886809610,131072 /prefetch:8
  2⤵
  PID:2416

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3240

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4404

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0x98,0x128,0x7ffd30459758,0x7ffd30459768,0x7ffd30459778
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:2
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3032 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:1
  2⤵
  PID:648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3016 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:4320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4712 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4856 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4984 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5132 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5308 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5312 --field-trial-handle=1960,i,431695989164108558,2362145095702277477,131072 /prefetch:8
  2⤵
  PID:2924

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4668

C:\Users\Admin\Downloads\Vega X\Vega X\Vega X.exe
"C:\Users\Admin\Downloads\Vega X\Vega X\Vega X.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
PID:4784

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
9e7dc0d7faf39fda09051a5663071307

SHA1
368ca45bdf815d8a3c38e846f5fba8e3835fad43

SHA256
a961cbe46942ca995cccdf9d02100b12f2c690e77deda91f8582f48d62138320

SHA512
124c215c302a37aa87a9fbc3e898e8024ac778c3c2d400b55a6ecbc59e8125229778eaa7da7eb389013e14c48b40330beedd14e2e3f4828800b004c01206703a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
9e7dc0d7faf39fda09051a5663071307

SHA1
368ca45bdf815d8a3c38e846f5fba8e3835fad43

SHA256
a961cbe46942ca995cccdf9d02100b12f2c690e77deda91f8582f48d62138320

SHA512
124c215c302a37aa87a9fbc3e898e8024ac778c3c2d400b55a6ecbc59e8125229778eaa7da7eb389013e14c48b40330beedd14e2e3f4828800b004c01206703a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
81e2349322abff6f23ca7adf51dc2844

SHA1
8bfd6288022698230c9902af7cc61e1e13cd513a

SHA256
4ab956aa8a26329da4e5a46a9171a849b765dfa83bb1c1a96df56d3e675875b5

SHA512
69c1fa2c00154f799431ce1af4b920b88419d8660801ef91263d9623daf73ed72213b8a5b9f32d843fff63a868d0fbe64a2e0d1074d0a5ba1ac29bfd064995f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
bb00f6e579038b88fb02e2faa2fa253e

SHA1
fd87b0d520711ed3940136e3a2c40246042b1ffd

SHA256
be79430d3ce0195bab82533ef51743f611f9717d4da158511960dd649b87c541

SHA512
94d772096d60671e42ea69436820c6187af9ff9ae27129774e1bd24fbb188a1f03c6574973c56d9234c44ff29d84db323098ff4ac779046b24c8ddabf04102f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
7a632e35ed231fee54e1e66ebf531da4

SHA1
7c2cddfb3974e5f0107c341c1026ccee19e1b1f0

SHA256
6cdd455fe54e53d07598816573a1d305859cf0fc2c5589a9da1811340cbde0a0

SHA512
ab82d05e8bfd962b65a07734c94f1b46f43fc6fcd46d044edf85f5e80226c76e18ec2bd9d1c75e61fa86458031f77133af88100a8411400ccf36f575a4315239

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
317B

MD5
eeb91929a3a36d54c151e549d4f61aad

SHA1
d0f1df0036f10d94ab6b9754ae36be2978341cb5

SHA256
ea3b1543db68d4dd8e390e41d4ce8f5967776ac9e20bacd37dc039663aea68ae

SHA512
a50b31968db66fddb3253a1042feb0eb61e72df3242348ce2d1e8a4ea766ea2fa757f361cc5f3a02f26e406acb4c222b0deeecb76b707d644ae125f9a45f59b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

Filesize
327B

MD5
53ff6756d62afb59e0f9da8fc2754b14

SHA1
e2eb95608e6bec0d362c02750f8106d4b2632054

SHA256
636d44b95540d039ad88cc0af5a7ae6694f99118f6ca909015bfa010b1ae16c5

SHA512
02e0fe300795a353f6fe2e1744518e79662f0a26b65ed388869baa6d58fb8d3ec93fdb1f93d5000ec700ff6bb87605d8d839e12c02d7e10d0185d0ec0a7f4587

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
7a632e35ed231fee54e1e66ebf531da4

SHA1
7c2cddfb3974e5f0107c341c1026ccee19e1b1f0

SHA256
6cdd455fe54e53d07598816573a1d305859cf0fc2c5589a9da1811340cbde0a0

SHA512
ab82d05e8bfd962b65a07734c94f1b46f43fc6fcd46d044edf85f5e80226c76e18ec2bd9d1c75e61fa86458031f77133af88100a8411400ccf36f575a4315239

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
831ef65b2c5f9505bd7d07c8deee73a5

SHA1
789f096628510e6fb982d5a253771f3d4857c21b

SHA256
cd7b574b388cb3b79853a3d0dfa63ac24e81e6621109251e1760567effa2cf24

SHA512
7746ab9a48f9afb373302de9f073a1ac7984ac0477e940f8c77fa351f8be118ed5d284a364d5e8cfefc708197732c887ffcf53c8dd92f3d11e64827d21537d81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History-journal

Filesize
8KB

MD5
639c4dd89d73d3fe3c2062df44ffd79f

SHA1
fff09f19ddf844bddc2f952ed3968643525a93b1

SHA256
d8ccc9b7eb671a0a2f19e0e3867287ccc36e4f7f75b38b95d3d02551308c8bac

SHA512
03eca75d06a616e5ccd7a9987e45c290ed0e5855d4107c8297d6bb7000701aee20997b0758d0badcd96cfd826a803b7ec59aad71ac5b45e6504da299fd0fa835

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
329B

MD5
07c0815546b326d686b2c677e559ed87

SHA1
58672bc02372910cec659951c988ee9a024fe8e0

SHA256
b4a1f7fadbdfe2769be138098a27ee84cd3dba93ffad46b68664fe4380f0d095

SHA512
763f9b090f15daef8808909cfa04c8501947e234c4a5af5c8810693778f8d8998ffeccc08f0a4e82a1d5b3f5225a5a1fa532832fa550bcc854b4b5021e6c755f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b323f284e98a5d7d3e1ff8cf9f4f8529

SHA1
1693cbb4ead30f9d8f4a0e271ee019f8e3c9b898

SHA256
1abc406b3b73d62e19fed81c8dd16b8727c9b52d7645a8745d75d1cce35304b4

SHA512
9a15a7656c7d5c4d446ca4f39a1e7801adef91b5b1841870a83deef406b79ffb080accc1cbc65e337e93cfbe5bbe2e4f1cc64ef615cc9de14d866de6349891d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
b323f284e98a5d7d3e1ff8cf9f4f8529

SHA1
1693cbb4ead30f9d8f4a0e271ee019f8e3c9b898

SHA256
1abc406b3b73d62e19fed81c8dd16b8727c9b52d7645a8745d75d1cce35304b4

SHA512
9a15a7656c7d5c4d446ca4f39a1e7801adef91b5b1841870a83deef406b79ffb080accc1cbc65e337e93cfbe5bbe2e4f1cc64ef615cc9de14d866de6349891d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
28de5acb56ec6d4625402bb30825c35c

SHA1
7485685b02269c3b4447dc50ec285f650a2b5a4a

SHA256
f54f58930a2678541b99d0cd29ee3bd41234f923e8066073e754ee12bbc31ee2

SHA512
1aaf095c39b825dd441628d14ad2ae4aba5dc2e90ff3d1dc7ccb4e816c75abbf97ea6d69b63605014c72d88b0ac21558c9ca695dd970306118988cce4b28fca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
31dc83c4eaadb0d79ad53aa81cf27726

SHA1
9740187c7402d51cab13525e5974834e68a1a03c

SHA256
4f0395e9be5af7ef348ed20f99ab0388ba37fc76c8a1eaace879adeb7ab8f38d

SHA512
10252630032d5dc136d71b6f74163df239d26f50997dc19defd7bcd0d05a2b3e87708d2186c60d10a6a602617bd7c4dbc42cbb734e8d7daee969c85c937c4253

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c27ebeb72949260d5099485317a0b9cb

SHA1
f9a42a6e1dc461d52897a338732ad314feb7d60d

SHA256
06d3a4c2ea0d6bd64f6b0bd59c19cd7370fb0237a4e8256b7d7ae1b5198ec430

SHA512
518b4dc170a3e947992d92555c0d06cd08ba199ba1329b9b29ec8fcdefb6e28d185713b752b611225ee56f1143ccd1287530602c3f622f3427a74212ab38574a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
96911ae4247c65bf0181ea2b627459e9

SHA1
7e7df3403bebb9762ca2636d5c258a96866c09ec

SHA256
6f77156b8aa687d69defd250960c48529608c6a630135818b002089b355788f6

SHA512
592405e2b83f15b0629d9de59b6987cdb0ef3be0c05112fdeb692c70a309119baaee15699dfca9d96b3d4843ad8c3bb3e8cafdb8767591cacc7573a1d0f1de87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
46fb6abe4bf65e7d3ba05868e161617f

SHA1
b6c99eb23e2164eebbc7a6883e8d8c7d9290c7da

SHA256
d217877e93f104113abb33802f67d2ae1a71e1f581ee8d6ca3eae4ada65ca006

SHA512
ab13c56d7c1dba4837d6fbdf72686892cc44c5a70913c2d74a89b7061f3891359a2ec2727dd9eed7ebf33984999edbd36a4fd5ec14a62b905bb1587429350ad1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
a64df40371f10699760080dd8b518b06

SHA1
6d29f47e266106afe4b99d7b9a9a1262d847df34

SHA256
f3867b14da46ae327b8eb4c94015e2422363401974b710f4895374132a6791a9

SHA512
a757791a9d87de3c764433f5024c3865274901ddb9f42cdee50e86cf1874b68bd148a04c23071c53014321601d3bf21e870330f5789d2f99160f8d1da6ea079c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

Filesize
232B

MD5
8a30a1fdd0459d9ea8b1e78a8e636856

SHA1
9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20

SHA256
88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33

SHA512
b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
317B

MD5
7aca663bd27cee08be255aedd1a20439

SHA1
accfcc58191d811c522bd107a6728b4566793804

SHA256
329b759848cb382e1c6a6c48960707465ea4b57293c68451331a0817abb33dfe

SHA512
6c7c2a8787316e49110152ea00b831db2e252b2795022d7869411ef93a96e0faaab2871bfbe6e59bb649e16bd7998d39e978e33b5d254745a9029f900bfe3649

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13341172934185232

Filesize
488B

MD5
d57b081e6d7bc944a3f9f5af31770a33

SHA1
d2891c2630b755604d63c524b973e0b56517be0a

SHA256
9d1dd2f0e850d51195523a3ddb78fa0e450b907ed65f939c1f1fa7b1e31d568d

SHA512
c2ec0e8bcdccb539051f1f6ec5ec350729e614c393bf7d1f0b3e231c051a36da4ed5fc4369567c9fe5ae23412af3a6674e834840e52a4c17f8a1b7c8cd399b06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
4707b0f9e5ca1d06b7e1bd3439c0248c

SHA1
f82a85cb11bc8181537ff391f37f15167267c7ed

SHA256
da8b3d21ce6b66131a3335d4b01f1fe56e3c26cddee254e8e725fd2d2a713195

SHA512
28325a3c22b7610f38c7d5c0713c0ca01afe41c8bc8723c8f18fb8ac49ef84bcaa646d55ba5f9077a30cd6187c0a80be38601079fe32d3e926f3183c24253ca6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
8KB

MD5
5efc79421a9e41d176af1d3c894d19d8

SHA1
0da9ca38be35f5a88d0f17b268fc477b57a48218

SHA256
b2b3a14700091a83c69c0cfd3993826227561dabc595b3c0bc8bc9504f61da94

SHA512
177a1453caa2e473db98210fca0f4ba2f5952ab709e0343e585c0fbc099b5bc178334b9d0fc9e1dc4ec9cbcc65e1cca62075da426802c2703ebd74c547c95fad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
9da2c2ac2093f7b8a0dcd3188d7c8820

SHA1
408a3676e5550050234bdc3a765f531c81a1bb80

SHA256
5cd95949c76a733a3c15e715a1b2aa2489574d064658692125faf3a2c43bf9b3

SHA512
a17233c632bcb20fdbb38ff03f45f2257278d1dd8799d4f34661bed8b80b167a30a83e681a401336bbfda58b2b772991ab4db2f4aa6add975b666db637deb0c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
2KB

MD5
ff4c00cc3f4a1bd3579535fd1e886cfa

SHA1
e81a27a671d8deb460e204303a1fc9558f87e251

SHA256
441d8b502a43bed1abcb3b19b3fea26c01f28dbaa451faf1e2a5dee6f3318536

SHA512
b324d3018947b0d2c57d73cb5eebfc41725586494762c156a3af21a4377812ca12954721e19078e562cb15ca667b158306d824a61eed70513ffaa13c29858fc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
317B

MD5
6a6bc76e1f711b8cdc2c3f432a745c66

SHA1
e135adaf6a5576a2c37d578ed21b7ca846d2aa8f

SHA256
71a6dc1a472df326c37c39e5e8fe3e4ef4aa12e3fb38ed4178a0421b252197a7

SHA512
5ab9fb55e249217b8bf496ebb94dfd289a199cee3301824d3ad790446b928a40cd2497be3ccc3d1c7223460fa5f40f749c0b4f8b77b8f0dc6556101f6877192b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
918B

MD5
c5595c84c1a8488a92516ffc0a9934a9

SHA1
d6f7714428711af792d33cd5e356e5ab87060eeb

SHA256
ba1542b08f2ce04d91eff12258c3612917479853241aa35eaf3202891b3678b3

SHA512
7cad92a08b07e081cf90e7fb89306865f2a10761066323cb2e75e9f45936d02ed334fdfb5b48d30a84d1c7fc4fa0003e36ca79d13ff9c017acaa0561f0d7bd32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
335B

MD5
07395088b98ddc82a837430d7b1d7316

SHA1
2842d55410953002a5f032d26489431bf0076f9e

SHA256
7fd89fc701b47a3b1cf0936f55809c5cfc8242e962a3f1a2fa004f5b9b1732b0

SHA512
6e7abba2794833d812760198d043965ca9b701a7c1a1d08243bd9c604f9b6cf919977c5759ea5eee98b9a28a55ead00af6cfa25cb43d33546c42afab9ac43379

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
0579959a0bedfb1beedadeb0214eb63e

SHA1
903b707ce50353c3bc9cd0ef27e369b3c3247795

SHA256
97e9f184e3b19206c97c11a37bf07d6a32d2932d4e71add1df99f9ea003660d0

SHA512
87c9d383ac7e1e1a25958b351982678f38a0a22d151d431f5fd66baf4d07d95d4e149e2e5aaf5d81c616b9ffe436261e4b83c7086bfc52e5854e3627f123587c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
951b669b8b28b4437c79341c8d21b711

SHA1
eca8544074d66a4fbd3c87a7f8dd9eda6fcdf6fd

SHA256
1d5dfa0e8871c317c12b836f541e068ce12c2030325aa3aeb88fb6f9314d1f79

SHA512
1efd6f093712df611ba356f1c9c16ddce1eb69817155f4db80c34a474252d4daca49a1655c1b94437013fa87cfbb475ae07229df4ea71ebb67a18eb8a0f405ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
c48cddd735f79a2cd20845d5156c7aec

SHA1
c9ab9ac12366787c461cba508d9b080fc96bda93

SHA256
67302c2c57f13da01726371260330cd3b22aac918624d469146b36956d9f1dea

SHA512
101e9d4d3d63091bb1244a9111a9f7734eefac204bbd2d8bb35933d2c14cf2bac410f0a037ade7b53c365abeb61dde40a0af73db22a59e1f04a3149aacc61a6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
973f066ebd2e6751d076a71d49663f38

SHA1
080dfa986a2b0165406330530b8ca01b44b26a38

SHA256
8bdbaffb8c5fca095646198d6160880ed0523bdddac79c14c2fef658d2c0e6f7

SHA512
3aa455bbf27f00bec1fcff808d32eb5587d66de2ed6b7c7e019b9fe8fab4aadeb2c60eaec208554f187cd339d09a4247d5c79b3ed7e32ee2fd6718db0b90a1a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
cbe6d0240341a7c5b42beca3cf878d14

SHA1
99bf9f40d4a58b7e0681bd3f7b0c39f778715105

SHA256
4fd6a31e5f976f02ae3397f79a5f35182b39f12c57ac36cf996f63fe46b5298a

SHA512
98d3ca501143fd16eb9aa71c04a17187c2aa243b9629fb10e9cb71fcbbf2bf66c6f9ba0fb9d681d2bc7d88d5bdef62480a6a1d3d424b6cc534a6ecdbd58e7d08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
203KB

MD5
329bfc38bd872e85cc02f4c7698aec6a

SHA1
e20bf3e147471bcfc546d9dbae737ddccb7eaf01

SHA256
33c31f32336130b8237f06c4b0f3246cb34f4590bb1bc5daea530a6f6e8270ab

SHA512
6f90cbb49eb69dc535983c8b9535f1e1ac602eef98924a4e0b3825c21a9a75da0bba7190a37b74c8a32eff3a823d874c8d223db8e6f4a0127d6edfa24ceaad00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
cbe6d0240341a7c5b42beca3cf878d14

SHA1
99bf9f40d4a58b7e0681bd3f7b0c39f778715105

SHA256
4fd6a31e5f976f02ae3397f79a5f35182b39f12c57ac36cf996f63fe46b5298a

SHA512
98d3ca501143fd16eb9aa71c04a17187c2aa243b9629fb10e9cb71fcbbf2bf66c6f9ba0fb9d681d2bc7d88d5bdef62480a6a1d3d424b6cc534a6ecdbd58e7d08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
916a93ed098b350341f293423062e214

SHA1
af3a67e43bb9494d91c65e7e6fa71044622dad2d

SHA256
4722375c1565bcb06e81ea794dde57786b04ddde57624b23f78917b965bef936

SHA512
e82b0eca99f14d38296b7f1d191e7da2fa8db6137951f685879b4ee56a77b696b4390f68538a604fc31c33820e360df73e5a442e003aaf4e4bdc70a65f8f4c98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
106KB

MD5
0d53b33b0870abb85394455e3566e181

SHA1
5d7a0bcb92b24f39676f03f1391552036c9b43c7

SHA256
21b494949c241c89a8ea7934e65983dc0d9d69d0bccec06d4413acfe83a31868

SHA512
32988071a8b1f82eb1252a1b5471b6689630c3649787784f3d9e15fbf658255d8725397c8436c6433a0d1d93d9d9871501ff369930cad12c89c3797a928ea10b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
b7b24fb13cf2fc127aa608047d1e69a8

SHA1
310dade98a7ee11e61366451c3ab7448a218d204

SHA256
6967a3c68fcde106ee24435fd6cda431d86ac9c5b1c8c1d0747097244ba83622

SHA512
88cc1fd2378b9bc3379c8f6dc91fde7f923ff756b5afa34b3b1eb121635ddb7fb26bb75641e7e821c2747e91855234db4115df50d10c6f5c44c5a47157128cb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
b7b24fb13cf2fc127aa608047d1e69a8

SHA1
310dade98a7ee11e61366451c3ab7448a218d204

SHA256
6967a3c68fcde106ee24435fd6cda431d86ac9c5b1c8c1d0747097244ba83622

SHA512
88cc1fd2378b9bc3379c8f6dc91fde7f923ff756b5afa34b3b1eb121635ddb7fb26bb75641e7e821c2747e91855234db4115df50d10c6f5c44c5a47157128cb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

Filesize
4B

MD5
432a598ae946384596996d9382122d34

SHA1
476d657ca726bb33fb3b24a2bf215ec7a2f54189

SHA256
b25b189dc9e11ab0bdcc15c32a74b1e3b71c5aa576d749dd9e3d9b7c3582254a

SHA512
c0e89918f822146243c827e142917eb6eb4148e563828af9fa4dacfd576967acdc5f6d184ce3d8f47bfbd67cbb5e51f2abfc30d0fa5f591f5d08bab4c7305e69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\Vega X.zip

Filesize
11.5MB

MD5
8d39ffccd57e1e0bd9df8a7da72d45e3

SHA1
548502fc7bc75c523c78ee24d1151fce46b78b45

SHA256
dba5435f66f81fd96e0b6f4e0b6a9498789794e68bd07882c92df7f8243980ee

SHA512
f1bd75e35098ee4d29340ffc597c3845a0e7eaffad96c6ec4e284071e9c3b89bdb61044ef879524fc9687683bf559f4f3a841687cdde4b8ec2231b60b1900184

Download Submit
memory/4784-233-0x000000000A0F0000-0x000000000A0FE000-memory.dmp

Filesize
56KB

Download
memory/4784-243-0x0000000006190000-0x0000000006191000-memory.dmp

Filesize
4KB

Download
memory/4784-217-0x0000000007CC0000-0x00000000085EC000-memory.dmp

Filesize
9.2MB

Download
memory/4784-211-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-229-0x00000000098A0000-0x000000000993E000-memory.dmp

Filesize
632KB

Download
memory/4784-230-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-231-0x000000000A0E0000-0x000000000A0E8000-memory.dmp

Filesize
32KB

Download
memory/4784-232-0x000000000A130000-0x000000000A168000-memory.dmp

Filesize
224KB

Download
memory/4784-198-0x0000000000750000-0x0000000000E90000-memory.dmp

Filesize
7.2MB

Download
memory/4784-234-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-238-0x0000000005AA0000-0x0000000005B16000-memory.dmp

Filesize
472KB

Download
memory/4784-239-0x0000000005D30000-0x0000000005D40000-memory.dmp

Filesize
64KB

Download
memory/4784-240-0x0000000005D40000-0x0000000005DF2000-memory.dmp

Filesize
712KB

Download
memory/4784-241-0x0000000006200000-0x0000000006222000-memory.dmp

Filesize
136KB

Download
memory/4784-242-0x0000000074830000-0x0000000074FE0000-memory.dmp

Filesize
7.7MB

Download
memory/4784-218-0x0000000008D60000-0x0000000008E1A000-memory.dmp

Filesize
744KB

Download
memory/4784-245-0x000000006B900000-0x000000006C288000-memory.dmp

Filesize
9.5MB

Download
memory/4784-246-0x000000006B900000-0x000000006C288000-memory.dmp

Filesize
9.5MB

Download
memory/4784-247-0x0000000006680000-0x000000000669E000-memory.dmp

Filesize
120KB

Download
memory/4784-248-0x0000000007190000-0x0000000007316000-memory.dmp

Filesize
1.5MB

Download
memory/4784-249-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-250-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-251-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-252-0x000000000F090000-0x000000000F634000-memory.dmp

Filesize
5.6MB

Download
memory/4784-253-0x00000000076A0000-0x0000000007732000-memory.dmp

Filesize
584KB

Download
memory/4784-254-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-255-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-265-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-266-0x0000000005930000-0x0000000005940000-memory.dmp

Filesize
64KB

Download
memory/4784-197-0x0000000074830000-0x0000000074FE0000-memory.dmp

Filesize
7.7MB

Download
memory/4784-289-0x000000006B900000-0x000000006C288000-memory.dmp

Filesize
9.5MB

Download
memory/4784-290-0x0000000074830000-0x0000000074FE0000-memory.dmp

Filesize
7.7MB

Download