hxxps://gamejolt[.]com/games/abaf/774513

Analysis

max time kernel
93s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2023, 00:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://gamejolt.com/games/abaf/774513

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133413722976696004"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2244	chrome.exe
2244	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 40 IoCs

pid	Process
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe
Token: SeShutdownPrivilege	2244	chrome.exe
Token: SeCreatePagefilePrivilege	2244	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe
2244	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 4220	2244	chrome.exe	49
PID 2244 wrote to memory of 4220	2244	chrome.exe	49
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 4600	2244	chrome.exe	84
PID 2244 wrote to memory of 680	2244	chrome.exe	85
PID 2244 wrote to memory of 680	2244	chrome.exe	85
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86
PID 2244 wrote to memory of 636	2244	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://gamejolt.com/games/abaf/774513
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc2c079758,0x7ffc2c079768,0x7ffc2c079778
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:2
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2948 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2928 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3944 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5544 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=1584 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4832 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1072 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5224 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5860 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6244 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6168 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6032 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6184 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5720 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6988 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6944 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=7304 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7456 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8136 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10880 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:6604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8064 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=8116 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8100 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8080 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8060 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7804 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7876 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7860 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7844 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7828 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7784 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7768 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7752 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7736 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7720 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7048 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7700 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7684 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7668 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7660 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7644 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7632 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7600 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11568 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:8096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11556 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:8104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12136 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:6564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12116 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:6644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=11988 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:6876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6984 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:7164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=8796 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:5976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=12192 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:2
  2⤵
  PID:7068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11284 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:6680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7812 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:6528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=12220 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:6112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8016 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:8
  2⤵
  PID:2552
- C:\Users\Admin\Downloads\a-bite-at-freddys.exe
  "C:\Users\Admin\Downloads\a-bite-at-freddys.exe"
  2⤵
  PID:8028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=7196 --field-trial-handle=1832,i,8888016021278191235,11583180355919650362,131072 /prefetch:1
  2⤵
  PID:7076

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5024

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:4900

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
PID:1700

C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
1⤵
PID:6552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm

Filesize
16KB

MD5
65ab2ab43110cf510d526daf2bc3fe29

SHA1
b7f1ed7021cda992643453c8a6473a8d5cfcd1ab

SHA256
9316c010b4bee61c556fcce927c3ba433fad0c88aef747fad71c9b1249d99b64

SHA512
337587cf22946b2a84906789873540572cfa85499b88a97db6c60eb46858abae16c770e2be1f5d46d0313b3756bc289905183b6df5e265ff891819380a484599

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000099

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
6da43900ecb36fdf0f96edadb02f3713

SHA1
34d2a25715acd64722837d411a3b4f7829895c8c

SHA256
e22b6762b1e4691c96db058a0926ca3a551e3365770e0c480f92464fb4db682c

SHA512
d1316e890697458d9cfebcbbe12ffac1dbb9fb832e8cff172d227be6c05a9afa43f9803f72df61294fbedc4e6f252789cfe32266cc17df3afef19d0160312aa2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
176264219ea9c38cede29bd0c81aa193

SHA1
7f33b835e70e2fb009b5d985fc77444dd1cbb3a6

SHA256
8dcf6e028cae1259991b1a63dd6a57984e54bd02d5f38ee0f934eefb435cac19

SHA512
cf6962cb77908e0cfe8f97b8982098ed0d5aae7933eb34499c83117d7afcc5d4d53c7fb34b827e2007d038fbb487fae74196310916515cc6f4f0358e3f055356

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
ca5a5bb4eeb620fd44d1550f80741112

SHA1
5135b5620506dc8e5c62700a19ff57f9619d30a6

SHA256
1d286c1acb86dc91df13d4d8b2c3db212879b5ce5aaa6118b49cceeb59a76bf8

SHA512
3b95e01d0631434d7f37a21584aa6bf7a7d647a26e7b3a95b47df2e1e13fa1666afb0829c2ac4b6281e38f696073639762a464de4f748aff830ded569a3b3e40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e51ac1da0700b1c787d1633f77166d1e

SHA1
8aaf8e319f28ccdd57b59c9424b53dfbc8574791

SHA256
1a75741121f07da7b825bb252b609bea5761e823256d51363a2240ca63228a1e

SHA512
6c3a557c33a657c51657ad00271239dda208ef982278fd3761a81cfe1e04353c69e0a2d99b24613a5d68f123719b80e9a56e42ead379f8fc2fc9652dee56e71b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
3732e937601251515aa8f45f8063701e

SHA1
cf3dda126e6547cc3f500bde5e61d80b1aae819a

SHA256
2793c43bb614ef90530eaa6b0905cb4424dad79380dd2929a5e7f3f5c5e36758

SHA512
d29bdd95237f7cf80073de00f4bce43a020af9e126fa724a3bc5675eac0a1649e4e1688a05259ebd5defa10277b26bc93ea352c497af4e658ff51684065976b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
f9ba09dd59702fb4d0670179b4cca80d

SHA1
14392c2c5ddcc022b5ff577a816e848dfeb05ee1

SHA256
589498475d547b8dda6e528adf1c43048a8b1f616f330127f7648903e03e322c

SHA512
45e9e40ab7af02ff32c9732d464879de99b48d4e38eea5ec9b6c8adfd9166e982ee85ff8cfb15d2a47b0230abc51af3cd8b630b1d5ea2f3574f5dd8af1836813

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
d199f0c8c5c84e49adf40fb664b221ec

SHA1
e42dc6bc4c5e0fa05fd3dcf762cafd9bfd8c9b2c

SHA256
1b82298ffe9916b6d24d08024690c8868356d1d682bee12d0e67d072ff652341

SHA512
3d2aedc8dec847f50066b7f5dbe9587929330fd6c032dbc1ee32ee89cba8bd9b2bf38c8f73c252c74373678c152ccdcebb4726ba339ba14f475e83150cc01844

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
90616ff8f1a73a09578b6f66a68cd7fb

SHA1
55702f91b15a1feefb17404c004597d7a86b0b1f

SHA256
d54d32745f75107d706b32e462f0bd386965a08b8fdf8039ef7cd2fc68122ea9

SHA512
048eb6d4486eb8a5f71a394c8bc5078da7c1a7d01230ca22872feb990fefb2a20d23b35da8136f4e72f9b1117b7106513fc252ae6cca24329299cab574a1b1f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
6151cf6a7261a99bc454cf21b787b331

SHA1
5e7a560d5623f336249a3cd37bd47c01a67e04c7

SHA256
c4128ab7664f70592a5d7070fef41a9c7d22e8d29582af40702dac29fe825118

SHA512
6cbefca02f1f1170a828bb8c568cfbbf3f02d56a2ef74b10e9ad9ca7794ba5676cb2e7a3a073d4f26c6818b652952a309c55090dd3ef5a7149d888759736b136

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
516b63c2277fae79d55169d1ab52aee1

SHA1
ac6330e13628896168e8368297d6be2ca9be4a00

SHA256
555655f588e904bc259792a7b68cf1584778fc1a6755b097eda5f905be2eebbb

SHA512
6745a43e32f4d1b4e9d961c6433d48a4804c3ca9d3b68ee2cf34267d033095686e249a5cb29002cd209deadad4e29ed24235a6d3503f597cf7595e4c399bc4ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f9f9c54a7a8658c21ff362b83b07e563

SHA1
b9b2956f53a98e23fb0c34c87a6ba2606680195b

SHA256
2f48e1cefb7642e373874ddc917df98de246912d4f3719be1acd232084987245

SHA512
ab02e2191f8f6228c11219aa8db82553758f14c46fbc52f68fee1eab5223c33cf321312d219c29ee115431c3e78a1cab9c4f80e4baabe2d879165a416234834c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
cc78d2e2d5f44863bfb0b1663a94fece

SHA1
3e062491a241a34598f3ad88d9c298f80839a135

SHA256
54a041d9c3c413761bcc38775f4c307c05444eab1ead74d54a9a2a9bb457625d

SHA512
95314641ab63097e7d23732bbbf5118b4d19bf584339e3f5ed967f9a132f4065adb6218a2619b2ab02f4d10a46e20e9e21d81e7ce75029256182266e7e6d4eb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8f2dd4155afd373b2ec67a5330d62612

SHA1
e159b0b9288fb58d0622f853032e076100adfd32

SHA256
40da369eb3846f4d3079a5fa634e227c6578c67dee403d6164a12ae71079e3ec

SHA512
fad1f0c4a83b74d4ce1653101098594c3e47c5e257602ec1f13a67fe3e72ddd71a77fc6ee36693bdd2db259de6f08f34d9c43526a27a0941148cf5eeb2e9f99a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
02a81730171928549751a69c75921ea9

SHA1
4855d56f0cfba0af30ea1d3c79ab059ff68189eb

SHA256
ea955cfc4defe26047dc328b90d97a2d235bc7d6c9100510995fd55d7c2be727

SHA512
5e99aa57d9d82a0fa9d055d92bf104e12d940eae78baae5f346ea1939729302c3e9501c5223bf6e11280eac6f2c7278c85d303aa5a95f25854e7c15360937b1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
92809dbdca0c10e38602f8865430fe5b

SHA1
35fcabc4faaebd23a3d9004fcc19909428c17562

SHA256
6a474f28402dddfb44227fa2b512246a4cef1f72ef58bc4b0e6ae11464a7ce4e

SHA512
60c13450a3bc885329e8b06dd1467409dbb630cd0b96362dc1dc183f7650bb727ccb020852fff8c55abf23284316841a95febb50a724820f97164022b305f128

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
176a86d4af7c29823ebdad487331aab4

SHA1
d9c3bf6dd3932882fc6a0d68cf6c37e16ebd303b

SHA256
598b6fda705b771f00517a83465c215184e1d6fbb2a9982bb1307ea564b1c71a

SHA512
2f4c5aac12c499cad7bb9b38d90b21565bf3665725f6398bb0e4cd2c27ca25538c97fdac6efe267435f20c05215c66af223bba19b60cd91fc34b59d0f889b3f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
110KB

MD5
4845b5fa501cff33790d8a03f7842753

SHA1
7c8e4f923e975d62a812ecf3c5257c74b770dd3d

SHA256
0158e13497dcc2d704efd8e8030554801e3e353f7f61a6ee19a5581059bd1b08

SHA512
4f70a9e1e1c7e82a5cec1d9f0f6f6a8c9bfff4d8a56a7035d3f2b21a7686202b49c41cdda2596515f14b1501793171b7a1d64325f8a7c671b4c277b2e58e7c70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
117KB

MD5
8b5b7cf3652c5f234600e75fbf5d4229

SHA1
3defabfba68fc2c31e357df23562f43f174c3f56

SHA256
f0cb52cded63a1d43ff89e45f1f2c84eddd296ea7664737dbd52010ce3a064ca

SHA512
afe38be7561d68ba3f5715f3b019e9ab750d969ea8848351880f919c7b0ecdd6083a8b4fde2d74022ce0832edd9fd42cbc2daaab96985042e5b9684f00718eb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58f41f.TMP

Filesize
101KB

MD5
3a3c3e7e7a28b195c4e562a3c51e2e81

SHA1
136313266ce4b3412357c2b43d411d1509c8ae6a

SHA256
7d739c1dd931a7860804573432f650f8e12bbc6a3dd87e540256fec3ce0e93c1

SHA512
de54295f4d0707ed89bd4f4ad766d00a59f126f3d634eb30157db7b9c57e2e112b904ef4282d2bfa4a0d32c33c01cbcd9a55bf8f90ac553dd909f1356128f818

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\a-bite-at-freddys.exe

Filesize
97.9MB

MD5
c58569446c5e1e51e032a88096132706

SHA1
541cacaff9a431dbfd9310672867705e27984cb4

SHA256
f2c7d770e6f11fb3a735ccc3780d7179995d5cf7ee7ef826d2b7c2c687ce780f

SHA512
cd52ba4cfba173963856353752640e3d17b6f634ef10144456e5223f82333c5c1f8cd057f1b9fc3cd99f0229d1b0ea15b6bdbb986a12e28d50b6322994952989

Download Submit
C:\Users\Admin\Downloads\a-bite-at-freddys.exe

Filesize
52.3MB

MD5
244a6b9451cb67a863e99f80efba4e03

SHA1
71c0768d0ea61850c38db180d6f8fce910b3668e

SHA256
4b0d94ca5f232764af0a8563dceefd8ab70113042ed93c2573f3baae4db2d294

SHA512
cb4e43f3ed503dd7ec0914ecc5342c01c8c68748c85c0d9632077cd59310bd01fd0eba3e3e4168f35b8de9d0cba328406c5a1630fa51f7943caf3fe58ecad093

Download Submit
C:\Users\Admin\Downloads\a-bite-at-freddys.exe

Filesize
50.6MB

MD5
1b049df379b209c6ae5653a03640f2af

SHA1
a5390ab0e81ff9f38405d99666c4ace0a90d2cbc

SHA256
172d5120ffd2edd06348202dd7751a1d6819a09ae5e33f9f2ef3870c1e993542

SHA512
4e31dd2da7fcd386f598da9cc87d5d7419387389d22f720cb2feec5fd4864725ded62a162313a35091b4a2bfa462d2687ec52b856e7aedf231bccb77232f4cc7

Download Submit
memory/1700-512-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-519-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-544-0x0000014F7F780000-0x0000014F7F781000-memory.dmp

Filesize
4KB

Download
memory/1700-545-0x0000014F7F780000-0x0000014F7F781000-memory.dmp

Filesize
4KB

Download
memory/1700-546-0x0000014F7F890000-0x0000014F7F891000-memory.dmp

Filesize
4KB

Download
memory/1700-530-0x0000014F7F570000-0x0000014F7F571000-memory.dmp

Filesize
4KB

Download
memory/1700-527-0x0000014F7F630000-0x0000014F7F631000-memory.dmp

Filesize
4KB

Download
memory/1700-524-0x0000014F7F640000-0x0000014F7F641000-memory.dmp

Filesize
4KB

Download
memory/1700-522-0x0000014F7F630000-0x0000014F7F631000-memory.dmp

Filesize
4KB

Download
memory/1700-521-0x0000014F7F640000-0x0000014F7F641000-memory.dmp

Filesize
4KB

Download
memory/1700-520-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-542-0x0000014F7F770000-0x0000014F7F771000-memory.dmp

Filesize
4KB

Download
memory/1700-518-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-517-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-516-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-515-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-514-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-513-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-511-0x0000014F7FA20000-0x0000014F7FA21000-memory.dmp

Filesize
4KB

Download
memory/1700-478-0x0000014F7F340000-0x0000014F7F350000-memory.dmp

Filesize
64KB

Download
memory/1700-510-0x0000014F7F9F0000-0x0000014F7F9F1000-memory.dmp

Filesize
4KB

Download
memory/1700-494-0x0000014F7F440000-0x0000014F7F450000-memory.dmp

Filesize
64KB

Download
memory/8028-957-0x00007FF6C41F0000-0x00007FF6C6625000-memory.dmp

Filesize
36.2MB

Download
memory/8028-989-0x00007FF6C41F0000-0x00007FF6C6625000-memory.dmp

Filesize
36.2MB

Download