hxxps://sourceforge[.]net/software/compare/Amazon-Titan-vs-GPT-4-vs-OpenLLaMA/

Resubmissions

09/10/2023, 23:27

231009-3fqtfaba97 1

09/10/2023, 23:19

231009-3a1rfsha6v 1

Analysis

max time kernel
600s
max time network
605s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
09/10/2023, 23:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://sourceforge.net/software/compare/Amazon-Titan-vs-GPT-4-vs-OpenLLaMA/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133413676796436389"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
5624	chrome.exe
5624	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 46 IoCs

pid	Process
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe
Token: SeShutdownPrivilege	4368	chrome.exe
Token: SeCreatePagefilePrivilege	4368	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe
4368	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4368 wrote to memory of 4292	4368	chrome.exe	84
PID 4368 wrote to memory of 4292	4368	chrome.exe	84
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 1904	4368	chrome.exe	87
PID 4368 wrote to memory of 4320	4368	chrome.exe	88
PID 4368 wrote to memory of 4320	4368	chrome.exe	88
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89
PID 4368 wrote to memory of 3916	4368	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://sourceforge.net/software/compare/Amazon-Titan-vs-GPT-4-vs-OpenLLaMA/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa06239758,0x7ffa06239768,0x7ffa06239778
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:2
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:4320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4660 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5172 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5124 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6156 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:4372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5300 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5688 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5680 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5640 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4692 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6336 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6568 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6196 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6464 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6840 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3344 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5688 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5472 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3328 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=3288 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7260 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:6092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7164 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:5328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7420 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:5368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6268 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6472 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7496 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7452 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7756 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7712 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=8256 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8652 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8236 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8196 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8864 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5280 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:8
  2⤵
  PID:856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6812 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7848 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6632 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7600 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6592 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8652 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7028 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=7676 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=7064 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7216 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7376 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7400 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6816 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=5028 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=5932 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=3792 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:1
  2⤵
  PID:5832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=948 --field-trial-handle=1900,i,13287920651448588154,16544763821025992308,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5624

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3568

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4bc 0x448
1⤵
PID:4344

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

Filesize
330B

MD5
4bef70f2cf690d5c020b6da7812b8c7b

SHA1
72b7b4dc0dc32cb29c1c2b775242013a4fc85606

SHA256
d66923b6881b10ae6714ceed7f2fd2a59d36ebe3af8693b11d832d45ffa984bf

SHA512
e5ad37e871c1d45a4b625c2dee6c16edb24b3b96ad52dd50f235f35a8c36b47b3ad3f6d704f3ff46f25d20f83774b4c6af3d43d98710bc35a7e161f57b1038ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
43KB

MD5
03773f2eac2874e8074c119848128453

SHA1
df9bf9efdaf5b255f5469745c535f6e8150ec21d

SHA256
679baa700b2ec6120f0ac9756363ab92a65f962868b8f987211e8c593b1aaa43

SHA512
d7321f40e9e58f532598ae272f6c47fe6e3729419834d7a347364961b25898fd745976399a3e74693a5ec6456eb931d8bbb8c68401bdb843046b903a70c420ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
92KB

MD5
862200a7014db5cf50347bb2aa074c45

SHA1
d6b8b5b40918771bcc225a31e6fc22b3875108f8

SHA256
26eae3b757c004d60bb33219654b127a29028be80e83198c10cffbc59a4f7c6c

SHA512
bd9a8fe2883189dd1cd8b53241d5cf0dbfb29310dd1d9a9bba0c65f2325ee7cfeb790180832afe27b4ae134f66c30f80b947cc01028fea81a140b34b36be779c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
63KB

MD5
34d5015941e4901485c7974667b85162

SHA1
cf032e42cf197dcc3022001a0bde9d74eb11ac15

SHA256
5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632

SHA512
42cef1d6847f535a6e8afc0469b9f5ef79ce4ab21512ac7eeda8ef9667d5f24bb33b30aba9a29824b3d853d41d4addf6bdee2042cf4fbd0a033b61657c671f0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
28KB

MD5
4240f0dd256f341bb66235ea9b1f6a60

SHA1
310f9b4b75e5c8a6d6e887709c1d58c4ac07f557

SHA256
32100e921234bbea54a9e9ecef3205dfe8b5f5f8e6f61f8e5a56ac10179d06f4

SHA512
5b175fca3c3c6cd7f60d85034f16a8099b7960e2e2b61c70fd48048d279124938598a942412b369c7f8aed8a3db9f2b1057ae1f8756dc4efeb0bbb73daa9da3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
131KB

MD5
4c3683a5f2c428a47cc4e90163ca40e9

SHA1
64622f8763358ba3350c11fa752b9d7c69587575

SHA256
ef5cbd44d04e25d4fb61bd2653ae8ce8103d72ac07d7575ad22a7192b377a077

SHA512
28c05e858b8097dd8ff24d6d10cd4073f37b99d82534b19a4c02823d4ec2f87d4f13ee3633a2dfd77ea0d12a2d14d434f87e484d8a224217d336048cca28fd83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
58KB

MD5
cde91851c61ec18f3bf2b6c00fa1ae0d

SHA1
51c93eaf7d2b8701eb771379b666fa79169efc3c

SHA256
7bb05fc9b0807d2f53707453728de08c1c62572efc505bfc4efe97d2aeeba3af

SHA512
2e4f3f468e7fec41bb7bf1cdf70e7aeceb5c4e8c61c38a4cbeee62e5d705d1efb7119173638b62fbc243988a34e050aaf14b7daf51dc8dbcb0aeb2f7e822e162

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0d794dba4f0c8275_0

Filesize
3KB

MD5
cf83ebaad9aa92afcd738822aa77dc5e

SHA1
96afc3d613b549564644387539119b0af52c7ab4

SHA256
3a1bebc62c3d335ce77f3290d71108b252432906f18e3f517daa4b0c6213b9d2

SHA512
d05642d514f2265d06a98d964fc80024e6c51e4791b72f684de3f028ce332f245009ed75a9c81a605e10cc57d712134675e8b653e776709a850baef1f582934b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\225eba8e73ee1a5e_0

Filesize
332KB

MD5
158e5cc6c31475697f5fcfe495d5406c

SHA1
96651464a18b58d5793f202d98592ef153f6f141

SHA256
27b0b6d50d60db0bdf78819ff2535ecf65ac827b6ed0b31d95eef0a467a26611

SHA512
c657b85874895865136955ec7f3c113664a0307dc79d28de7d3a9b632a4acd0b1c9d0e00da46da346d99cac3d5328d8006169685e0e6fa8367bce357dc1f52f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5c557df0a69e0ac5_0

Filesize
299B

MD5
e349b3d97a266554eb82aa7d40331bd9

SHA1
155e2b7cbfed72ae5bc881ef31815b4f235d6542

SHA256
66e918a53cf82cc5e818893b11e25a43bb5ea99f72ded2cb1537f86e882698ec

SHA512
33969b83316509b553fc64decce199935f3681363f70e6c48cf2479459d53c05b117f27180d5936ac238ec0ad8bb3d70849bd2a904f2b2638abdb889e851db79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6aa7909c2b7193ea_0

Filesize
298B

MD5
a1e2bea4bac8692a1d8253180c3df5e1

SHA1
03dbee766ce82576a457169147d6858c9c697ba1

SHA256
e46cdce332c3204aedffcc7f86c662ad009c02f49d39bfb3ae958fef66bbf03f

SHA512
a92511f53a54b8acfbfbe718da3908a60748d07e2bd01b88770fc9ccf3e91e9d81c3d5701875a5ea82ca0bed4457ff8903b094f9f0c5bfedbcc569749c2161c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\722a0d2e7a953fb0_0

Filesize
31KB

MD5
46c273a59d4ceaf34154ab3433d1cee8

SHA1
4e64392b41eb3b095165f2e5623d8414fec2e3a3

SHA256
43b88c3941e8ebb25b5154069e734d6549def1446f210297fbfb5b767bddc1e2

SHA512
9a9ec00591469dd683522e96c97a517c99f70905b788d21cd6e7240e061f386ba434b45392250ed7652ef66f9cbcb75ecc41b2e4c7493c0a73cda28b63273c41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
5aad9598c214b613851a35fa27baa851

SHA1
ce488854b8d4080df027326da5d485fd743c9e0d

SHA256
08d3e6dbbdab89a1eed1fc6e2d405a38c8e7a9dd89c532d1df162d02c999578d

SHA512
1f1c238fe69fdeeefeb42569a9d950fc9c79edc9af84f899fbc5a5d29905500971914e5e0850be57a64633673d4c63937dd45a797cc456033f6a94e1d4ea1d90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
12KB

MD5
9b0fd8482aea844d9b529adeddd16100

SHA1
f9bff737993ffb72247870d353085b69c766cd70

SHA256
ad7913bd5fcd5d9da59949a404e19528cef04a9c052e468bed438ac045338084

SHA512
2f2bdc32bfb8f5fef3094c37c380197f195f438b6f2a8191acc81d3a196bcfbdabf99b5186206d56005c23780fd0d24e39fde747a3ef72bf72342c6c8757dbce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
cce1e64e6c119024cd41e79dfce2046e

SHA1
cb24affeb951a6f631cef7f5de3dad6184d59a2d

SHA256
fd2a1f533a24e41c10505ed779876a6afd5fb2fe02fbe1939dcfd7c8d7d78bda

SHA512
c0bd38d8e03b263add532394225bcf17392d507a2d64409dceedbf8e06cc4c609f88a0314492e82c8f94c742acf1d86a00119871ef08d6f046a145ff6fedc48a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
206d08a2cd638548724888d5aec6e558

SHA1
c0b7b4e30d95fac1c5ee0411638cda2a83bee7fc

SHA256
35ca80dd212b2fdca951bea6a37b98d6340b926a9b77174d43a174fdd0f44dcc

SHA512
9f0be159cfff86be9c01e9ba9db2d29eb0f8a7a678a2d35c93ea7fdc515657bc7a3a861a58939f2e95bf5541321d6bc3e81ce14066b5006df2156f8c2ee2f9ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
738c9a013ef6d88f14af75ad6e797b71

SHA1
6e024253f8897b245d9385a832787e89aa5d2cbd

SHA256
c277f207ff0725fe64d3f8c4019ce63a7c0366c55241c32f427a694c7d850e94

SHA512
910f9f5f545c453ea8aab9e1e0bfb942057f840d960e46327c6ac3200bfd850e915a76ac4a292d5d3c7f7f8ba9a49b7f1c1fbc5309af1c6ff968cb21baead809

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0c7f0a087695a20b71be3ede8a71aad1

SHA1
cc53532d0d8e752718c078b3b79b4b86af2b7d03

SHA256
7c23edc8ddce21bacc74203fa86beba04b9ec6e371890b711547d4f464c05307

SHA512
d066daedc45a621675ba8b48b639171ba93217d7e4d5669472c818a0f73fe2788689c926e1f882c49d7d9a1814c4be006e066d4e37f2147eca16fc25472ebabd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
987a9b14d630e1773f7840567830b1cf

SHA1
3bf962611946a683b054c8bc66fe727375de5e73

SHA256
9c46b13c2461ca845d55d2fd5ee08bf26cf843e37180794ab6e17bf838e0a80a

SHA512
b3c33844d2908c747c2eb9b750146527216c2b39a455e7d9126c845aa819cc29c54ed3b78de43f7f1740978f49746e0fd36390a0badd594b6d8cce78fbbf7943

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
ba084764b929d4fcf81d264c46fd6324

SHA1
3d782cf8c406588ddfe6f219faa8da7847d49d2d

SHA256
e4b81e51ed64df0e3cdf10a0d157753072c9f52470d7094fd2611a908f156b58

SHA512
2ef6a179f28dc6ccad4fee6ec103d1fed79f6ed2aa78d7f5832470f1bbe6e7c13575c5303dc6c9686a7b7ddfa377869278965075948774164ea3364437ff74d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
13ba3bdc85991cdfa2e453059be18c75

SHA1
ef77073becdc98cc7f43ac2e878935c83583ec1d

SHA256
5d008d1c6b7e4a3a51a2c6387977515adcd34ad154f60ed4de313465e1e7007b

SHA512
bb608afba1dbb424345116c7be693d422c0bee71660908ed6d1bcac205e4b32265414273656c0a0b16f2f634c75891e319a2532e08b365ad45eac269533101aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
89df282acfbcbb344aa308c3dcd115ba

SHA1
f599a84b524e40efe066d5d1257ea8ec0d68cfe1

SHA256
cbc5a5adfa2be33a20ee3f9b7f7d421948b17e4eebdf2eaa6361bd6279005d99

SHA512
29da7ae70fd9a0b3eb2440a271ac9c7a19381cb251a540b309cb9c59c6205bde9cfd7ea2f3f964c5b496f71ab819ff43dc16c1616646572383ebf971401cf490

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
df3a87272f42d1fa4a27d0aca142ce79

SHA1
44e7297545e3a2c69ab03ecf48a273b2c5df7b70

SHA256
ce1871945f4d262445bdeef441263a560c4d0c5cac4a23b06eab94edb4491f94

SHA512
6ffab16c1cf9634b4c41539827d8efae838fcc16b4295cace128a32923c4ce7daf9f773171f3e9c9eee16963f545ef78296d974ef91da63f813c5203608edd95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0ce94ec104d855d10d6a2c86d2c9c986

SHA1
3e3ac999db43684299b1c9c60c76ed2c0a6f594a

SHA256
5340bddd8023efb22706b858bd87107d2a5b8150b6b3aa6b6cafd8f07c2e59ac

SHA512
e86d102ed361369ade95c9c4d08348b453c1ccaf10efc43c34d29490d48ca96a67fb8de302defb43b94a0f30a38934ddf119bf875eff4e81cd9e69df646d711c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
487914800faca251c6025aa2ba8b0739

SHA1
b41dfbec69c4c88868f5d32df04ca88340420a1d

SHA256
7c62da19608c8c75188f52215e45d666e0af86f672f35ee191511f7982fee3e7

SHA512
190e1e0f0b34c995b2b0c9c29945a3e37e3570c5288ed0f469eba6761180628042289a9669cb49d7a546cf1b5bdee5b7acb421ac681ef8b8c306f07debf30a0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3fbeb787d4569eccba85cf446f4c7208

SHA1
6a9e34aa6dfc0d22e660d30668e63cfac5458cb8

SHA256
9cd6f3e42216447ff88096c41a9416b0e9a9bd926e15b8138384f55a13fbc64a

SHA512
2f9681fb114a1a35dee3becaa3d13e3f080e42bc5ac439b6144244690dd11cb515186d6209fdf1ae0ae3bb9230a06511a20936cfb1744d4e5b59c5205e0c33fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
b634843a1983e7a178e851101973116f

SHA1
91a5d029ca58674ab69441f26d2e558222436cb6

SHA256
d9efcb974dac4d05f0e9ff61549dd0581bb5c1d96308d345b3917d2c5e13aa59

SHA512
74e4a83b6a02c444fccc5b52f1b3fa5755af2f83ce3cb48fa539bc73869ad1d240128984db8bca03d83f398de7314aefd9264b18f61cd15e2d0bcc9fd60ff3ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
cf7cd594e78653c1da5de400c95f03a2

SHA1
c6f73986fc0dd488747cf93678712d3bd4d90aa2

SHA256
c825761f48dc17e25b9ae6babe49f61f8d697fcfc21be6d95546cd4f7c340897

SHA512
602ee3e6a9a903e793f25af742008bd5e52e3ce272b41bd93a19dca5ea31b2e050dbee563e89b1c964d349a5b4f3b7c39694273b30eed3bfc3b2fdf6ad106d4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
f06ce43281e9345805b34ab4655d4c8a

SHA1
ae28e5a94fcb64f9c00d6a42bfe6ddc00ee0101c

SHA256
de0497e4b63fd372b07b428e5cfa460fa55cadc3c1ad634ae6856f595a6d5b44

SHA512
e2cc0c53bd218bdf92501080b145b389e05dde89053006d64a8a5b9ddfc812bf8e3a18ef366ae2f268c43295d1a8cb9f8b4ca78195607685baa5c67e443ae371

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
104KB

MD5
4b7e2b30536ccccaa22020312bbfa492

SHA1
da9abc5e8800b589fe9ff111b2f91f700f65f516

SHA256
6b9b17f8fa896d4fc7955e8148af54a07d53b33cbaf94745a97fdb6780f230ac

SHA512
58aaad1e9b9222bd1db725ba37c7501dde35ff327b0eef3ef6eacee0b95550cd96a17daba6cf6480fcbe28196409e0e038b6c23451293eec041a09c68f56dd02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
121KB

MD5
b44554ff3d6f25905e7dbcf640418cde

SHA1
f295eb6df2426cfccaf4038721d774f58635dc8e

SHA256
02c1d9416cce28be6f4aa5a5d7e243b2820450b7529730958b0d877ea9a9f4e8

SHA512
de17c4000492d3a9f7d5c584bd8e0b67b6380b66d1da335a2417cb1768e576870af36ae10de37cb80745af4fe06c4005fc01cec19040188091460b8acfa7e4cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
103KB

MD5
725c61241340d4f646d4b85e63b993c9

SHA1
a43f187d47766d86f594bb52a76da7714a6e7f99

SHA256
fbb3068681b2305ca9adda312ad0cfaa83db20121cc35a1132e6fb5d6b812df4

SHA512
ccba35785c80f6895cbc9e9a65baee1f76b818ad26bd5bebcd92503a3f00c06eac0b18cab80e138db489a0c98dadb3cac653290753f6ca98474f05672c594904

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
110KB

MD5
1d222c99f701dabcf0a1c3e57a0215d4

SHA1
0d460d62584454e2469935d0ce49a0bbf0ae455a

SHA256
424da68641751c10e3f328344b925645ef3d2a01386403e4801ef17f2daa4b65

SHA512
396cc4a9b60453ca7fcefbe683d12a9ef509b7e17295d21bceedd588374f5dcdf427b65111383237dd2a68042f807b993ecd4b077a6703e703231c9b393ec92d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5867be.TMP

Filesize
101KB

MD5
d6de4d35e0d1cf37ddd53bc8a32071f2

SHA1
636b7f2c952cda123502175e59a748ca77cc6883

SHA256
9c09ce2b26182f713694819d80ba07f4db0e2888f4fd9309f090ce280143c196

SHA512
a9b3f4569b56928b86f259b620287a0f9b6f53d9b855997a7bf2fcb39abc5921d4e1185da10e2e138e1805e91c0752407e40ec1fb63f40ba70aa6a25a3271aaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit