Malware Analysis Report

2025-03-15 03:33

Sample ID: 231220-ywqfdsggc2
Target: Electron_Cracked_V3.zip
SHA256: 6e5f4e02cbc149a454d363c1c0934543c57fc8c519040c11441dcd601eebc547
Tags: pyinstaller, empyrean, upx
Score: 10/10

Table of Contents

Analysis Overview
MITRE ATT&CK (Enterprise Matrix V15)
Analysis: static1 (Detonation Overview, Signatures)
Analysis: behavioral1 (Detonation Overview, Command Line, Signatures, Processes, Network, Files)
Analysis: behavioral2 (Detonation Overview, Command Line, Signatures, Processes, Network, Files)
Analysis: behavioral3 (Detonation Overview, Command Line, Signatures, Processes, Network, Files)

Analysis Overview

Score: 10/10
SHA256: 6e5f4e02cbc149a454d363c1c0934543c57fc8c519040c11441dcd601eebc547
Threat Level: Known bad

The file Electron_Cracked_V3.zip was found to be: Known bad.

Malicious Activity Summary

Tags: pyinstaller, empyrean, upx

Detects Empyrean stealer
Empyrean family
Loads dropped DLL
UPX packed file
Unsigned PE
Detects Pyinstaller
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken

The summary merges the signatures of every run. The family verdict (Empyrean stealer, PyInstaller, Unsigned PE) comes from the static1 analysis of the file itself. In behavioral1 the archive is only opened in an Explorer window, and every signature row in that run is attributed to chrome.exe, so a behavioral signature listed here should be checked against its per-run table before it is read as the sample's own activity.

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2023-12-20 20:08

Signatures

Detects Empyrean stealer (static match on the file; no indicator, process or target recorded)
Empyrean family: empyrean
Detects Pyinstaller: pyinstaller (static match on the file; no indicator, process or target recorded)
Unsigned PE (static match on the file; no indicator, process or target recorded)
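The three static tags above (PyInstaller, UPX, Unsigned PE) can each be confirmed from the bytes of the dropped executable without a sandbox. The script below is an added example, not part of this report or of any analysis tool: it walks the PE headers by hand, reads the section names (UPX0/UPX1 are the packer's), checks the Security data directory for an Authenticode blob, and looks for the PyInstaller bootloader cookie at the end of the file. The cookie format string and the major*100+minor encoding of the Python version follow PyInstaller's bootloader COOKIE struct; build_fake_pe() constructs a minimal stand-in PE for demonstration and is not the sample from this report.

```python
"""Static checks behind three of the report's tags: a PyInstaller CArchive
cookie in the overlay, UPX packer sections, and an empty Authenticode
Security directory ('Unsigned PE'). Added example, not part of the sandbox
report; build_fake_pe() constructs a minimal stand-in PE, not the sample."""
import struct

PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"  # bootloader COOKIE.magic
COOKIE_FORMAT = "!8sIIii64s"                    # magic, len, TOC, TOClen, pyvers, pylibname
UPX_SECTIONS = {"UPX0", "UPX1", "UPX2"}


def parse_pe(data):
    """Walk DOS -> PE -> COFF -> optional header -> section table without pefile."""
    if data[:2] != b"MZ" or len(data) < 0x40:
        return None
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        return None
    coff = pe + 4
    n_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    if opt_size < 96 or opt + opt_size > len(data):
        return None
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    # Data directories start at +96 (PE32) / +112 (PE32+); entry 4 is Security.
    n_dirs = struct.unpack_from("<I", data, opt + (108 if pe32plus else 92))[0]
    sec_off = opt + (112 if pe32plus else 96) + 4 * 8
    cert_ptr = cert_len = 0
    if n_dirs > 4 and sec_off + 8 <= opt + opt_size:
        cert_ptr, cert_len = struct.unpack_from("<II", data, sec_off)
    names = []
    for i in range(n_sections):
        off = opt + opt_size + i * 40          # IMAGE_SECTION_HEADER is 40 bytes
        if off + 8 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return {"sections": names, "cert_ptr": cert_ptr, "cert_len": cert_len}


def scan(data):
    """Return the indicators this report tags, derived from the raw bytes."""
    pe = parse_pe(data) or {"sections": [], "cert_ptr": 0, "cert_len": 0}
    result = {
        "sections": pe["sections"],
        # Section names are the primary UPX tell; the 'UPX!' marker is a fallback.
        "upx": bool(UPX_SECTIONS & set(pe["sections"])) or b"UPX!" in data,
        # The Security entry is a raw file offset; zero means no WIN_CERTIFICATE.
        "signed": pe["cert_ptr"] != 0 and pe["cert_len"] >= 8,
        "pyinstaller": False,
        "pyvers": None,
    }
    idx = data.rfind(PYINSTALLER_MAGIC)       # cookie sits at the end of the CArchive
    if idx != -1 and idx + struct.calcsize(COOKIE_FORMAT) <= len(data):
        _, _, _, _, pyvers, _ = struct.unpack_from(COOKIE_FORMAT, data, idx)
        result["pyinstaller"] = True
        result["pyvers"] = f"{pyvers // 100}.{pyvers % 100}"  # writer stores major*100+minor
    return result


def build_fake_pe(section_names, pyinstaller=False, signed=False):
    """Constructed minimal PE32 for demonstration only; not the report's sample."""
    opt_size = 0xE0
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                             # NumberOfRvaAndSizes
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    body_len = len(dos) + 4 + 20 + opt_size + len(sections)
    tail = b""
    if signed:
        cert = struct.pack("<IHH", 16, 0x200, 2) + b"\0" * 8       # WIN_CERTIFICATE stub
        struct.pack_into("<II", opt, 96 + 4 * 8, body_len, len(cert))
        tail += cert
    if pyinstaller:
        tail += struct.pack(COOKIE_FORMAT, PYINSTALLER_MAGIC, 88, 0, 0, 311, b"python311.dll")
    return dos + b"PE\0\0" + coff + bytes(opt) + sections + tail


if __name__ == "__main__":
    print(scan(build_fake_pe(["UPX0", "UPX1", ".rsrc"], pyinstaller=True)))
```

On a real UPX-packed PyInstaller build the section list is typically UPX0, UPX1, .rsrc and the cookie survives packing because it lives in the overlay, which UPX does not touch; run scan() over the extracted payload rather than the zip.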

Analysis: behavioral1

Detonation Overview

Submitted: 2023-12-20 20:08
Reported: 2023-12-20 20:12
Platform: win7-20231129-en
Max time kernel: 71s
Max time network: 151s

Command Line

C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3.zip

Explorer is invoked to open the archive; this command by itself does not execute anything inside it.

Signatures

Every row below names C:\Program Files\Google\Chrome\Application\chrome.exe as the acting process, and the Processes list for this run contains only Explorer.exe, explorer.exe, chrome.exe and Chrome's own elevation_service.exe. None of these hits originate from a process launched out of Electron_Cracked_V3.zip.

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target Rows
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 2

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Rows
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 28

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Rows
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 34

Suspicious use of SendNotifyMessage

Description Indicator Process Target Rows
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32

Suspicious use of WriteProcessMemory

Description Indicator Process Target Rows
PID 2528 wrote to memory of 2556 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 3
PID 2528 wrote to memory of 1632 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 39
PID 2528 wrote to memory of 2548 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 3
PID 2528 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 19

All 64 rows are one chrome.exe process (PID 2528) writing into four other chrome.exe processes, consistent with the browser process creating the crashpad, GPU, utility and renderer children listed under Processes; no foreign image is written to.
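A 10/10 score invites reading every signature as the sample's own behaviour, and the tables above show why that is wrong for this run: each hit has to be attributed to the image that raised it. The script below is an added example, not part of the report or of the sandbox: it parses rows in the flattened "Description Indicator Process Target" layout used on this page, groups them by signature, extracts writer/target PID pairs from WriteProcessMemory rows, and flags only signatures that involve an image the sandbox did not ship with. The rows in REPORT_EXCERPT are copied from the behavioral1 tables; CONSTRUCTED_ROW, the path C:\Users\Admin\AppData\Local\Temp\dropped.exe and the SANDBOX_NATIVE set are assumptions made here for illustration and do not appear in the report.

```python
"""Attribute each behavioral signature to the process that raised it.
Added example, not part of the sandbox report. REPORT_EXCERPT rows are copied
from the behavioral1 tables; CONSTRUCTED_ROW is invented for contrast."""
import re
from collections import Counter, defaultdict

# Assumption: images present in the sandbox before detonation. Hits raised only
# by these are environment noise unless a sample-spawned process is involved.
SANDBOX_NATIVE = {"explorer.exe", "chrome.exe", "elevation_service.exe"}

# desc (may contain spaces), indicator (one token), process path, target path or N/A
ROW_RE = re.compile(
    r"^(?P<desc>.+?)\s+(?P<indicator>\S+)\s+"
    r"(?P<process>[A-Za-z]:\\.+?\.exe)\s+(?P<target>N/A|[A-Za-z]:\\.+?\.exe)$",
    re.IGNORECASE,
)
WPM_RE = re.compile(r"^PID (\d+) wrote to memory of (\d+)$")
HEADER = "Description Indicator Process Target"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"

REPORT_EXCERPT = rf"""
Enumerates system info in registry
{HEADER}
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS {CHROME} N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName {CHROME} N/A
Suspicious use of AdjustPrivilegeToken
{HEADER}
Token: SeShutdownPrivilege N/A {CHROME} N/A
Token: SeShutdownPrivilege N/A {CHROME} N/A
Suspicious use of WriteProcessMemory
{HEADER}
PID 2528 wrote to memory of 2556 N/A {CHROME} {CHROME}
PID 2528 wrote to memory of 1632 N/A {CHROME} {CHROME}
PID 2528 wrote to memory of 1632 N/A {CHROME} {CHROME}
"""

# Constructed row (hypothetical dropped.exe); appended in __main__ and the tests.
CONSTRUCTED_ROW = (
    "PID 3100 wrote to memory of 3188 N/A "
    r"C:\Users\Admin\AppData\Local\Temp\dropped.exe C:\Windows\System32\cmd.exe"
)


def parse_signatures(text):
    """Map signature title -> parsed rows; any non-row, non-header line is a title."""
    sigs, current = defaultdict(list), None
    for line in text.splitlines():
        line = line.strip()
        if not line or line == HEADER:
            continue
        m = ROW_RE.match(line)
        if m and current:
            sigs[current].append(m.groupdict())
        else:
            current = line
    return dict(sigs)


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def triage(text):
    """Per signature: row count, images involved, whether all are sandbox-native,
    and writer->target PID pairs with counts for WriteProcessMemory rows."""
    out = {}
    for name, rows in parse_signatures(text).items():
        images = {basename(r["process"]) for r in rows}
        images |= {basename(r["target"]) for r in rows if r["target"] != "N/A"}
        pairs = Counter()
        for r in rows:
            w = WPM_RE.match(r["desc"])
            if w:
                pairs[(int(w.group(1)), int(w.group(2)))] += 1
        out[name] = {
            "rows": len(rows),
            "images": sorted(images),
            "sandbox_only": images <= SANDBOX_NATIVE,
            "pid_pairs": dict(pairs),
        }
    return out


def needs_review(text):
    """Signatures raised by at least one image that is not sandbox-native."""
    return sorted(n for n, s in triage(text).items() if not s["sandbox_only"])


if __name__ == "__main__":
    for name, s in triage(REPORT_EXCERPT).items():
        print(f"{name}: {s['rows']} rows, images={s['images']}, "
              f"sandbox_only={s['sandbox_only']}, pid_pairs={s['pid_pairs']}")
    print("needs review:", needs_review(REPORT_EXCERPT))
    print("with constructed row:", needs_review(REPORT_EXCERPT + CONSTRUCTED_ROW + "\n"))
```

Against the copied rows nothing needs review; appending the constructed dropped.exe row to the WriteProcessMemory table is what it takes to make that signature worth a second look, which is the distinction the aggregate score hides.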

Processes

C:\Windows\Explorer.exe

C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3.zip

C:\Windows\explorer.exe

"C:\Windows\explorer.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef4f69758,0x7fef4f69768,0x7fef4f69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1428 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1652 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2364 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2340 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1172 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3048 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3604 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3720 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3840 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3956 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3924 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3652 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3624 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1988 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=696 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2484 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2436 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2828 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3060 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2836 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4088 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2520 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2408 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2776 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4128 --field-trial-handle=1380,i,1494443123329901942,12710065991757289003,131072 /prefetch:8

Network

Every destination in this run is a Google, pki.goog, Microsoft or GitHub host, consistent with the Chrome session in the process list, plus one multicast mDNS query. DNS goes to 8.8.8.8, the udp/443 rows are QUIC, and pki.goog on port 80 is Google's certificate-status endpoint. Nothing here is attributable to the archive's contents. Identical consecutive rows are collapsed into the Rows column.

Country Destination Domain Proto Rows
US 8.8.8.8:53 www.google.com udp 1
GB 142.250.200.4:443 www.google.com tcp 3
US 8.8.8.8:53 pki.goog udp 1
US 216.239.32.29:80 pki.goog tcp 2
US 8.8.8.8:53 www.microsoft.com udp 1
US 8.8.8.8:53 apis.google.com udp 1
GB 142.250.179.238:443 apis.google.com tcp 1
N/A 224.0.0.251:5353 (none) udp 1
US 8.8.8.8:53 ogs.google.com udp 1
GB 142.250.200.46:443 ogs.google.com tcp 1
US 8.8.8.8:53 ssl.gstatic.com udp 1
GB 142.250.200.4:443 www.google.com udp 1
US 8.8.8.8:53 consent.google.com udp 1
GB 142.250.200.14:443 consent.google.com tcp 1
GB 142.250.179.238:443 apis.google.com udp 1
US 8.8.8.8:53 github.com udp 1
DE 140.82.121.3:443 github.com tcp 2
US 8.8.8.8:53 github.githubassets.com udp 1
US 8.8.8.8:53 avatars.githubusercontent.com udp 1
US 185.199.108.154:443 github.githubassets.com tcp 6
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp 1
US 185.199.110.133:443 avatars.githubusercontent.com tcp 1
US 8.8.8.8:53 user-images.githubusercontent.com udp 1
US 185.199.108.154:443 github.githubassets.com tcp 45 (list truncated)
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.238:443 www.youtube.com tcp
GB 216.58.212.238:443 www.youtube.com tcp
US 8.8.8.8:53 id.google.com udp
FR 216.58.204.67:443 id.google.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.180.22:443 i.ytimg.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 142.250.180.22:443 i.ytimg.com udp
US 8.8.8.8:53 accounts.google.com udp
BE 64.233.167.84:443 accounts.google.com tcp
BE 64.233.167.84:443 accounts.google.com udp
US 8.8.8.8:53 rr2---sn-q4fl6n6d.googlevideo.com udp
US 173.194.57.199:443 rr2---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.199:443 rr2---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.199:443 rr2---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.199:443 rr2---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.199:443 rr2---sn-q4fl6n6d.googlevideo.com tcp
US 173.194.57.199:443 rr2---sn-q4fl6n6d.googlevideo.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
GB 142.250.178.14:443 youtube.com tcp
US 8.8.8.8:53 consent.youtube.com udp
GB 172.217.16.238:443 consent.youtube.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.180.2:443 googleads.g.doubleclick.net tcp
GB 142.250.180.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 i1.ytimg.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.200.33:443 yt3.ggpht.com tcp
GB 142.250.200.33:443 yt3.ggpht.com tcp
GB 142.250.200.33:443 yt3.ggpht.com tcp
FR 216.58.201.110:443 i1.ytimg.com tcp
GB 142.250.200.33:443 yt3.ggpht.com udp
US 8.8.8.8:53 suggestqueries-clients6.youtube.com udp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com tcp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com udp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com tcp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.200.6:443 static.doubleclick.net tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
CZ 142.251.36.99:443 beacons.gcp.gvt2.com tcp
GB 142.250.200.46:443 suggestqueries-clients6.youtube.com udp
GB 142.250.178.14:443 youtube.com udp
GB 142.250.200.4:443 www.google.com udp
US 8.8.8.8:53 i3.ytimg.com udp
GB 142.250.200.14:443 i3.ytimg.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 216.58.212.193:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 rr4---sn-4g5e6nss.googlevideo.com udp
DE 173.194.182.201:443 rr4---sn-4g5e6nss.googlevideo.com tcp
DE 173.194.182.201:443 rr4---sn-4g5e6nss.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-4g5lznl7.googlevideo.com udp
DE 74.125.163.170:443 rr5---sn-4g5lznl7.googlevideo.com tcp
DE 74.125.163.170:443 rr5---sn-4g5lznl7.googlevideo.com tcp
DE 74.125.163.170:443 rr5---sn-4g5lznl7.googlevideo.com tcp
DE 74.125.163.170:443 rr5---sn-4g5lznl7.googlevideo.com tcp
DE 74.125.163.170:443 rr5---sn-4g5lznl7.googlevideo.com udp
US 8.8.8.8:53 rr3---sn-4g5e6nsk.googlevideo.com udp
DE 173.194.182.201:443 rr4---sn-4g5e6nss.googlevideo.com udp
DE 173.194.187.72:443 rr3---sn-4g5e6nsk.googlevideo.com udp
US 8.8.8.8:53 rr3---sn-4g5edn6r.googlevideo.com udp
DE 74.125.153.200:443 rr3---sn-4g5edn6r.googlevideo.com udp

Files

\??\pipe\crashpad_2528_AKOWOPDDZDAHXADE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db39623ddc4e7f1092643b50ae0e5ea3
SHA1 4dbc3d1cccac29645108d00c5503ce55eeb4eba1
SHA256 4d4771292a3ddfd7ae4b620b76e8ddcfba40bfa2729d96bedec61053804613ac
SHA512 df90a3a09c7af039491ed0682a20a41db4501f87c14d8b43b473831ed2b6b69863ac7b8c53e556bfcd62750ed0861b83733ba80ea9ffa3c589c274a59ee893ca

C:\Users\Admin\AppData\Local\Temp\Tar747A.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 7f73961c76eb89dffcb1a94ecd036f05
SHA1 b3963ea000f8905a493b8dc422029cd3099f3933
SHA256 4225e9c4982ce1daeb738746faaa3b4fa8c547076f5f71f2f9f5bfc0e8e81d64
SHA512 4951fd2fb985ab47930ea7587a43ea7afe073bb36ee4c37fba1fcde9bfc58eccbca4ce795d30ad52936f8231c8dad70b3a51ee8e4a4709fe27d8a26ce681afa3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 929729aa7cff46b3dad2f748a57af24c
SHA1 81aa5db7dd63c79e23ccd23bf2520ab994295f2e
SHA256 3c63e6c7fa25849799d08bf54988bfb3b77b1d1eebb1e55a94b64995850cba2f
SHA512 a10eaa6f2708b683bd43295b9c3da5840c0eb6d8a6b9e1922a534270fecbc0dcdb4cdcc28768df292a06f6210885b510254bdca17e5b3c507b0337fe7dc3d743

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7bef5ebb6885fa1038646ae07b829a0
SHA1 14c6cd69d4660b912d67b2ea8f04c839391e9dc9
SHA256 7aad090f53a1ed0cb5a8ff02717baf95f6a2bfd4121ae0ed5f02eefb1de70c7e
SHA512 a37d9f127bcd30414f4addb136432d429fbaee8c1e12725a05a66fa3f0e025239563dbb23175da580cfb03ff7dcd627d0090454ef45f1bbc33d3e892175637e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cac237aead52c7047ca2cc40ee7f590f
SHA1 42a921edc251f82bebb227042d4fe2dea0430590
SHA256 f905d52b986efda1b8ea244b6f00da29501d1a82f5dd4e6e9b2ea393ca1c6547
SHA512 6df1dfe4f3b83fdfc04403f04ab6ff220a48db556a1eb572b52c91a858076205444c655c5f0d2291702af10a62c1dd8579dce616945daa9e04a7ea7c2b5cedd6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf77ad11.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 919c3af31848f185a5e532f4b0d92cbd
SHA1 2cc62d1d763fd2190179fa85f969e56979aae15e
SHA256 2940a9571efa8efbafe9c227596a09f319fd2e3e767579827570ca2e6b2cbafd
SHA512 bc8cd91fb64ac58e7a56d542d44afd2f7bd9e6a4677cd12b86e5a737ead0005b172dadd0218c55f8450292367c4b2e8e44f17b482fe5f7540a107360721fca14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b20ebf6cb68ee6e9986a17b0d590615a
SHA1 66f486c9ce3dd73d01501258bb5ee007f39df5a9
SHA256 1b3ed9d381131fa6affd8711bd1546270b10a41981eb7b584102318213912e3e
SHA512 9a00d3cf3e0e3173493aa69b4b289fca4ca75d88a358e92e668f91fe8128824e40054baccda12ad3a8315c3aafb04e820bce61fceb36a968c70d6bb961e72fd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2528_1589920342\Shortcuts Menu Icons\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2eec53d2461835ee058c384970dbf8fb
SHA1 9be306f916afa2142c82be11d1612bf5cf82fc70
SHA256 33008a60ad4580c20c4e2ea5fd7f21640999af145d844fc28623657ee8a2e069
SHA512 da689d4223250de7f425630e0324aa4370307952f0ee691035ed78374a0be4936badb226fb2fc479d82d9143559358710f194f3d8f9072034d7cd2f786f25c7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ac87b07d52220da9de07246c3360fe4
SHA1 4434bce0bdea195bc1fa76ebee21cfeb0b767238
SHA256 7927de866bb863e148bcb971a974174abf85d9e925de5918e1ab9c44118d3f28
SHA512 6699e5c79366b9086f0bf3c2ebf754b751a791ee8a11a0985e02c083cb2cd05aab8e0ed3ea3ac3becb2115ee470956c16d9a24f46229502360264793b140ccea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\12883a44-7914-41bb-b905-221949bb311d\index-dir\the-real-index

MD5 e8cc06758643d00a6bb96b52d2ed3b57
SHA1 d3a7a89ac1e00c7cfebd0c5084839ba00f0076a6
SHA256 23136ff8b081d107a131039e346d587459c2234559dbaf48a1ca12703bf0bc20
SHA512 4b1d80154b8f95c3649228f1fb4c753f6a27a5861f3b61f317a50b9ac6c6a860fb3e236a6d84b1d419443503a752e47910f38b992cb21d403f149f7295eea1f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\452c4356-5a6b-4653-af7f-66b3ce150413\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5241b287dc04bd923fb027b0da886e62
SHA1 2743bb6472177e3d62444addaca79cbaa27c9205
SHA256 5bd569a5cc86bc070d20975769c7faec13839aa4dee04879a8559973e234884e
SHA512 0c8fffc4d4de83d043cb5369f66ce8a317038ec395230b840aeafb70841e13e02171adad7ef1da0b38bffe61347d5f37b0464d3586fb2592ad5605e0c239323f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 72e296da7b67ab6743d93e5b49b445dc
SHA1 05369d4801cdaa9a445956be7285f96cf2ab7685
SHA256 1548d8969f5e020540176ba2a1d5aeba026a4054292f50fc2af7cb9d022250b4
SHA512 a4ea5a96059bab79a7344f22b43858a96fe7cadbaa9ab8d08c5b4153efa066fae01a09faabd04706a00c13794e5b46f044818b673cf12a2d21e28f128386329d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bef44f9c9935a3c0aa078b462800f603
SHA1 69bce67ec709e0f28a19163fc2ff8fd4362f3f17
SHA256 61be475c22a0b2d11b1c9b7ca849b8163b873735e1c03507e9ca4af70d123636
SHA512 4242efe2f582d3c3867ac4057b16c17844eeb160d7584da727832e82e3a50d229271f6f87ab22860c2821956e0f5edc726cfef36b8c07774f19dc1675ed7000a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 479a31a396f136f1fb9926556b30583a
SHA1 2f06fa0675fc600bf1ebc1ebce03f9f36a126775
SHA256 9b1fab1b4ed4404f07d9b4e2cdc7cf8725aa0fc22fa71d36837c51ed950f0247
SHA512 7afd57b2b8abae7b716c93380b946bbdf580a75f73fd4c1fe4bce5ff54af5214caca00fbf66d829092c5446e8d4fea8d84e9cbf364a7454ed2b4624ae7d330ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 61535cd0cffe75c8a5cca917e1eae6f9
SHA1 6ec971eabe7e224c05b8412cfa8ddf84adec1005
SHA256 62b9599c6af392d93900bc0a3dcee86eaceed1190425900b2bc1571b0ef60f0b
SHA512 259f68047a759bbc1a04a96872286806666e87cac048d8f4e599e22a9ac42371ac73680955eac9b89c441bf2556357df2804d04f29b0ce516e7351c53ba9d304

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 ee7eeb5e3d335bbd398e37f28f144bd7
SHA1 50b3fa066777a52e47b48e5c665488c42b2991a6
SHA256 d4854afe49dcc79bb2885b92ec0686a4ac590d9fabd8806387967f340b01b734
SHA512 be791ae10b32b095bad1db7651c8e6fe8a88fb78a304397161cc46490b4d92bbe20f6d5c8c3dedeebc9199e432f9d1d8fb149caf056ad2aaf43e6223b910167c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 3f40a320e38fdcac641212aac0c6d108
SHA1 bb4f59f5a38dc76a3adb6c556504340f77b7e80b
SHA256 2d95953b6d836187bd1883a8b159987d00c4deff1bc571000190d4df4116048d
SHA512 627306a325526e8e1cae2b7cc3f320fa77b00933da8ceed7d8848e5bb06fc4aac1c5c730dc35a790cbc2dcbd001392a8e94b4c5abe2a923d25d9391fcc3723c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 d8aaf43be479ebeb2e9c5d3738e84cfc
SHA1 1a4e8455c54cd36849dfc4dc1248081a3806cede
SHA256 e4f1f824d41ebf9702c3dcb54b79fdf1494063ead25ef8cf82e845492ea58033
SHA512 1f6eaecfe4f694ff637e8264bc48d4ca703622a569f9ba4f864c34ead0e0e2c152c854489a9ddbfe4f7da844ecb1ebd14b775e1a6dd9e7e635ab741b54d0be7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 afe7d86fa536415872c1adb7bf952ed6
SHA1 9d642665fb2ea376e5f8d600e6962849107596c7
SHA256 32c9a40fddb6082fffdd710b1d54228c7ea745083a3a024c2da3ce08dfeb6569
SHA512 1d35776905e9911ab74a9193ab96061f960bbe9d8c388d3b980ae68e02d83e87ef755f4b21fafb77c2146fb5dfb68bec811cc65f138e7784676e6199bcda9685

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 082d69f2a9f385d27a0b8db57ddb7ed1
SHA1 5fe8eef50362052f3d00c404f07b5ae405c16175
SHA256 1613b74e88c6db0be0d7c08f78d3c8258251efbe40a43a7631015ebc7cf84129
SHA512 480e57d542ffe2b43cd2d532a27bec71ee906a77f36a8f09927f9e548072d825679d0fc0dc7656c9869a5ed88b8e1e838ae803e4320f650c2cab564d987b080b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c0a5d751868d586bae03173b117cb84
SHA1 70c576909e60a4a97409b233c09551b7c1e9848a
SHA256 faa9e380009c308e6dfd100989dfc4cdf6280f21978a2ecfaff57e266d333002
SHA512 9c493ab514dc48b112d280a3e464bff0ccc62dd0723f8c7aac4cce727c37b4b0fa35412da441176e251f8bd16a2c360f3abc53e807d4934f5d673115a520ec6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

MD5 48d8b52fbc510f948e19678fc34c29f6
SHA1 86da40befa154a0adea0dc9285967304389e80bd
SHA256 53165aea58aedc977ab4e526693b00437e1dab34fdebeb520953b4f69513c8a6
SHA512 d8f0bdbcf0c52229863db38e8cc5717430f7c1f317e9da6eea4a8aa1900fc7a3d4882be2870b6959c763b81949b4ae6484680bb217d4d3620d4740f1ea2fae30

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-20 20:08

Reported

2023-12-20 20:12

Platform

win7-20231215-en

Max time kernel

144s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe"

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1684 wrote to memory of 1924 N/A C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe
PID 1684 wrote to memory of 1924 N/A C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe
PID 1684 wrote to memory of 1924 N/A C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe
PID 2836 wrote to memory of 2736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 2736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 2736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 2400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 2400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 2400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2836 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe

"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe"

C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe

"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6ea9758,0x7fef6ea9768,0x7fef6ea9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1192 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1560 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1664 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2356 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2364 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1456 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1296 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3352 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3572 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3688 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1288 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3644 --field-trial-handle=1416,i,9141802795026118735,2238951784491143791,131072 /prefetch:8

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\Desktop\SkipLimit.bin

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.4:443 www.google.com udp
GB 142.250.200.4:443 www.google.com tcp
N/A 224.0.0.251:5353 N/A udp

Files

C:\Users\Admin\AppData\Local\Temp\_MEI16842\ucrtbase.dll

MD5 cd50c9c6cd356638efcce2e6875109db
SHA1 217a243cf87cc8eac82cab995d0ed2e57d61efdd
SHA256 1bc51508bf6f671fdd999af1accc0b31d23e69a788025ec12500dc2463cbc728
SHA512 429084b71469c291c490823af3487cbbc59b59a795fa00446518ce9b359bb5518af81d80e7b47ac6110648830cfa6a9c679bb9328cbd63a2fdace7bc1f266c0b

\Users\Admin\AppData\Local\Temp\_MEI16842\ucrtbase.dll

MD5 6f3282371473ce80aa4a16036f41aa75
SHA1 3a8c114562072fa6954d13cfee740b21c4eae4c8
SHA256 9809c0e5f77ca7ab2c04f7536d1882fb9364a58074605aa0f638803b4968cf84
SHA512 d08e7fc1077913b474c55d3166c80abc1fabf17f9f77f4463d988e29eb8239ad57a6fd2fe3a10fe743c6478331936f26db98cc78d85d3a28e95cb815673827a0

C:\Users\Admin\AppData\Local\Temp\_MEI16842\api-ms-win-core-localization-l1-2-0.dll

MD5 3589557535bba7641da3d76eefb0c73d
SHA1 6f63107c2212300c7cd1573059c08b43e5bd9b95
SHA256 642b01bb93d2cb529acf56070d65aae3202fd0b48d19fd40ec6763b627bcbee6
SHA512 7aedf3cf686b416f8b419f8af1d57675096ab2c2378c5a006f6ecbf2fe1ad701f28b7be8f08c9083230cf4d15d463371e92a6032178cd6c139d60b26fbd49b06

C:\Users\Admin\AppData\Local\Temp\_MEI16842\api-ms-win-core-processthreads-l1-1-1.dll

MD5 774aa9f9318880cb4ad3bf6f464da556
SHA1 3a5c07cf35009c98eb033e1cbde1900135d1abf8
SHA256 ba9fbd3a21879614c050c86a74ad2fffc0362266d6fa7be0ef359de393136346
SHA512 f7b57afb9810e3390d27a5469572fb29f0f1726f599403a180e685466237dff5dec4fdce40105ef1bb057e012d546308213e7cec73e0d7d3c5815eec8189a75d

C:\Users\Admin\AppData\Local\Temp\_MEI16842\api-ms-win-core-file-l1-2-0.dll

MD5 2b36752a5157359da1c0e646ee9bec45
SHA1 708aeb7e945c9c709109cea359cb31bd7ac64889
SHA256 3e3eb284937b572d1d70ce27be77b5e02eb73704c8b50feb5eb933db1facd2fc
SHA512 fc56080362506e3f38f1b3eb9d3193cdb9e576613c2e672f0fe9df203862f8a0f31938fa48b4ff7115dfe6016fa1fd5c5422fdc1913df63b3fde5f478a8417a1

C:\Users\Admin\AppData\Local\Temp\_MEI16842\api-ms-win-core-timezone-l1-1-0.dll

MD5 b9a20c9223d3e3d3a0c359f001ce1046
SHA1 9710b9a8c393ba00c254cf693c7c37990c447cc8
SHA256 00d9a7353be0a54c17e4862b86196a8b2bc6a007899fa2fbe61afd9765548068
SHA512 a7d5611c0b3b53da6cac61e0374d54d27e6e8a1af90ef66cd7e1b052f906c8b3f6087f4c6de0db3ae0b099df7689ecde6c815a954b728d36d9d3b5d002ccf18e

C:\Users\Admin\AppData\Local\Temp\_MEI16842\python310.dll

MD5 a47d9c7fe5d471a7a762388e195b011d
SHA1 5a1a1ba76a2c35b583fb9282d7a84c699a8eead7
SHA256 64969003255fdec254b7efa302e2ca071f8bf8d4357e8546c83d6c804849a928
SHA512 cbcd75d7110bf698548a6809a41246335899364cd1cfb122cfffc36b65aa3913719d51e2f0ad441e8a4f131165c3a2aea9fbafe8cc67fb0ca38f2131a848382a

\Users\Admin\AppData\Local\Temp\_MEI16842\api-ms-win-core-file-l2-1-0.dll

MD5 bfffa7117fd9b1622c66d949bac3f1d7
SHA1 402b7b8f8dcfd321b1d12fc85a1ee5137a5569b2
SHA256 1ea267a2e6284f17dd548c6f2285e19f7edb15d6e737a55391140ce5cb95225e
SHA512 b319cc7b436b1be165cdf6ffcab8a87fe29de78f7e0b14c8f562be160481fb5483289bd5956fdc1d8660da7a3f86d8eede35c6cc2b7c3d4c852decf4b2dcdb7f

\Users\Admin\AppData\Local\Temp\_MEI16842\python310.dll

MD5 08dce68e5333616a6c755b6964e289ad
SHA1 2ec715016cff00df377d6284f2646e92c261f6cc
SHA256 248558a216bd6a773663c7e54466591ef296c90f950747eae51f110c81bd2f1a
SHA512 c125dc43ed64bd78ddcd2c613cd71b75721a57f3508077c1358d38c19dcc6273425638c018f7fdee4a8e1a44d591e0d01b9301e5f7999e02e48d8834f9ca72f3

memory/1924-165-0x000007FEF5F50000-0x000007FEF63BE000-memory.dmp

\??\pipe\crashpad_2836_KGUFOQEEATDZQTOW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Analysis: behavioral3

Detonation Overview

Submitted

2023-12-20 20:08

Reported

2023-12-20 20:12

Platform

win7-20231215-en

Max time kernel

118s

Max time network

120s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\Particle.exe"

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\Particle.exe

"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\Particle.exe"

C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\Particle.exe

"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\Particle.exe"
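
Both Processes lists (ElectronUI.exe starting a second ElectronUI.exe in the previous analysis, Particle.exe starting a second Particle.exe here) have the shape a PyInstaller onefile bootloader produces: the first instance unpacks the bundle into %TEMP%\_MEI<digits>\ and then re-executes its own image with an unchanged command line, and the child is the interpreter process. Chrome's chrome.exe children differ because they carry --type=... switches, and the rundll32.exe OpenAs_RunDLL line is the Windows "Open with" dialog for a file with no registered handler. The following is an added example, not code from the report or from the sandbox vendor: it runs that correlation over constructed process-creation and file-write events modeled on the command lines and drop paths shown above. The PIDs, parent links, and the attribution of the _MEI writes to the parent process are assumptions made for the illustration.

```python
"""Flag PyInstaller onefile launches in process-creation and file-write events.

Added example, not part of the sandbox report. The events below are
constructed from the command lines and drop paths shown in the report;
the PIDs and parent/child links are made up for illustration.
"""
import re
from dataclasses import dataclass

# A PyInstaller onefile bootloader unpacks its bundle into %TEMP%\_MEI<digits>\
# and then re-executes its own image with the unchanged command line; the
# child is the process that loads python3xx.dll from that directory.
MEI_DIR = re.compile(r"\\(_MEI\d+)\\", re.IGNORECASE)
PY_DLL = re.compile(r"\\_MEI\d+\\python3\d+\.dll$", re.IGNORECASE)


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str
    cmdline: str


@dataclass(frozen=True)
class FileEvent:
    pid: int   # writing process (assumed here to be the bootloader parent)
    path: str


def find_self_spawns(events):
    """Return (parent, child) pairs where the child runs the parent's image
    with an identical command line. Chrome also spawns chrome.exe children,
    but they carry --type=... switches, so they do not match."""
    by_pid = {e.pid: e for e in events}
    pairs = []
    for child in events:
        parent = by_pid.get(child.ppid)
        if parent is None or parent.pid == child.pid:
            continue
        if (parent.image.lower() == child.image.lower()
                and parent.cmdline.strip() == child.cmdline.strip()):
            pairs.append((parent, child))
    return pairs


def mei_dirs(file_events):
    """Names of the _MEI<digits> extraction directories seen in file writes."""
    found = set()
    for f in file_events:
        m = MEI_DIR.search(f.path)
        if m:
            found.add(m.group(1))
    return found


def pyinstaller_candidates(proc_events, file_events):
    """PIDs that both dropped a python3*.dll into a _MEI directory and
    re-executed themselves. Requiring both conditions cuts false positives
    from ordinary self-restarting programs and from leftover _MEI cleanup."""
    droppers = {f.pid for f in file_events if PY_DLL.search(f.path)}
    return sorted({p.pid for p, _ in find_self_spawns(proc_events) if p.pid in droppers})


ELECTRON = r"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\ElectronUI.exe"
PARTICLE = r"C:\Users\Admin\AppData\Local\Temp\Electron_Cracked_V3\Particle.exe"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"

# Constructed events; PIDs and parent links are arbitrary.
SAMPLE_PROCS = [
    ProcEvent(100, 1, r"C:\Windows\Explorer.exe", r"C:\Windows\Explorer.exe"),
    ProcEvent(4001, 100, ELECTRON, f'"{ELECTRON}"'),
    ProcEvent(4002, 4001, ELECTRON, f'"{ELECTRON}"'),
    ProcEvent(5001, 100, CHROME, f'"{CHROME}"'),
    ProcEvent(5002, 5001, CHROME, f'"{CHROME}" --type=crashpad-handler /prefetch:7'),
    ProcEvent(5003, 5001, CHROME, f'"{CHROME}" --type=gpu-process /prefetch:2'),
    ProcEvent(4101, 100, PARTICLE, f'"{PARTICLE}"'),
    ProcEvent(4102, 4101, PARTICLE, f'"{PARTICLE}"'),
]
SAMPLE_FILES = [
    FileEvent(4001, r"C:\Users\Admin\AppData\Local\Temp\_MEI16842\ucrtbase.dll"),
    FileEvent(4001, r"C:\Users\Admin\AppData\Local\Temp\_MEI16842\python310.dll"),
    FileEvent(4101, r"C:\Users\Admin\AppData\Local\Temp\_MEI16562\python310.dll"),
    FileEvent(5003, r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1"),
]

if __name__ == "__main__":
    for parent, child in find_self_spawns(SAMPLE_PROCS):
        print(f"self-spawn: {parent.pid} -> {child.pid} {parent.image}")
    print("extraction dirs:", sorted(mei_dirs(SAMPLE_FILES)))
    print("pyinstaller bootloaders:", pyinstaller_candidates(SAMPLE_PROCS, SAMPLE_FILES))
```

The rule keys on the identical command line rather than on the image name alone, so it still fires when the binary is renamed, and it does not fire on a self-spawn unless the same process also populated a _MEI directory; on a real endpoint the file events would come from a file-create source such as Sysmon event ID 11 and the process events from event ID 1.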

Network

N/A

Files

C:\Users\Admin\AppData\Local\Temp\_MEI16562\ucrtbase.dll

MD5 0e0bac3d1dcc1833eae4e3e4cf83c4ef
SHA1 4189f4459c54e69c6d3155a82524bda7549a75a6
SHA256 8a91052ef261b5fbf3223ae9ce789af73dfe1e9b0ba5bdbc4d564870a24f2bae
SHA512 a45946e3971816f66dd7ea3788aacc384a9e95011500b458212dc104741315b85659e0d56a41570731d338bdf182141c093d3ced222c007038583ceb808e26fd

C:\Users\Admin\AppData\Local\Temp\_MEI16562\api-ms-win-core-localization-l1-2-0.dll

MD5 3589557535bba7641da3d76eefb0c73d
SHA1 6f63107c2212300c7cd1573059c08b43e5bd9b95
SHA256 642b01bb93d2cb529acf56070d65aae3202fd0b48d19fd40ec6763b627bcbee6
SHA512 7aedf3cf686b416f8b419f8af1d57675096ab2c2378c5a006f6ecbf2fe1ad701f28b7be8f08c9083230cf4d15d463371e92a6032178cd6c139d60b26fbd49b06

C:\Users\Admin\AppData\Local\Temp\_MEI16562\api-ms-win-core-processthreads-l1-1-1.dll

MD5 774aa9f9318880cb4ad3bf6f464da556
SHA1 3a5c07cf35009c98eb033e1cbde1900135d1abf8
SHA256 ba9fbd3a21879614c050c86a74ad2fffc0362266d6fa7be0ef359de393136346
SHA512 f7b57afb9810e3390d27a5469572fb29f0f1726f599403a180e685466237dff5dec4fdce40105ef1bb057e012d546308213e7cec73e0d7d3c5815eec8189a75d

\Users\Admin\AppData\Local\Temp\_MEI16562\api-ms-win-core-file-l2-1-0.dll

MD5 bfffa7117fd9b1622c66d949bac3f1d7
SHA1 402b7b8f8dcfd321b1d12fc85a1ee5137a5569b2
SHA256 1ea267a2e6284f17dd548c6f2285e19f7edb15d6e737a55391140ce5cb95225e
SHA512 b319cc7b436b1be165cdf6ffcab8a87fe29de78f7e0b14c8f562be160481fb5483289bd5956fdc1d8660da7a3f86d8eede35c6cc2b7c3d4c852decf4b2dcdb7f

C:\Users\Admin\AppData\Local\Temp\_MEI16562\python310.dll

MD5 9304bebb2d03f760dd14c8e6fa0ebad5
SHA1 1f17413959d56dcee44bad64f46c81fb75910cc1
SHA256 97ff1291bcf9b01e710853c920218c7d9e0c762c5a273ee3d433902db2d00aa1
SHA512 c69f3a1f179f89c55d124747b3c9c19875e1c9836ecf3a67e959cf9c676750faeb37b54887b6ebc0a7bbd1a4f54f0e38cc85de0a662ce92eb5c4a0e19477b425

\Users\Admin\AppData\Local\Temp\_MEI16562\api-ms-win-core-timezone-l1-1-0.dll

MD5 b9a20c9223d3e3d3a0c359f001ce1046
SHA1 9710b9a8c393ba00c254cf693c7c37990c447cc8
SHA256 00d9a7353be0a54c17e4862b86196a8b2bc6a007899fa2fbe61afd9765548068
SHA512 a7d5611c0b3b53da6cac61e0374d54d27e6e8a1af90ef66cd7e1b052f906c8b3f6087f4c6de0db3ae0b099df7689ecde6c815a954b728d36d9d3b5d002ccf18e

\Users\Admin\AppData\Local\Temp\_MEI16562\api-ms-win-core-file-l1-2-0.dll

MD5 2b36752a5157359da1c0e646ee9bec45
SHA1 708aeb7e945c9c709109cea359cb31bd7ac64889
SHA256 3e3eb284937b572d1d70ce27be77b5e02eb73704c8b50feb5eb933db1facd2fc
SHA512 fc56080362506e3f38f1b3eb9d3193cdb9e576613c2e672f0fe9df203862f8a0f31938fa48b4ff7115dfe6016fa1fd5c5422fdc1913df63b3fde5f478a8417a1

\Users\Admin\AppData\Local\Temp\_MEI16562\python310.dll

MD5 12988583702e0d62dd7fad7a0a62c04b
SHA1 8ca57e293a7cc406e28ec6ba80ea141681e43010
SHA256 11d31837a65f9335d1e99d99551968d5a04798d9c3a085d05da4337a4c01a4a8
SHA512 f2870d2134b6689f1c354ecc0752fe0091be33ec7420433bd2cdd5860e9b27573ad79e0f879c11c40724247d33d1563dbeb296658bdb6bb442a011512cbd55b2

memory/1440-165-0x000007FEF59B0000-0x000007FEF5E1E000-memory.dmp
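
The Files lists in the last two analyses need some normalisation before the hashes are usable: the same extraction path appears twice with different hashes (once with the C: drive letter and once without, for example _MEI16842\ucrtbase.dll and _MEI16842\python310.dll), the crashpad named pipe carries the hash of an empty file, and the memory/... entries are region dumps with no hash at all. The DLLs under _MEI<digits>\ are the CPython and UCRT runtime that every PyInstaller bundle drops, so they identify the packer rather than this sample. The following is an added example, not code from the report or from the sandbox vendor: a parser for this block format that groups entries by drive-letter-insensitive path, reports paths recorded under more than one SHA256, tags the runtime, empty and memory-dump entries, and returns the remaining file hashes. SAMPLE_REPORT is a constructed excerpt built from a few of the entries shown above.

```python
"""Parse the Files section of a sandbox report into deduplicated IOCs.

Added example, not part of the report. SAMPLE_REPORT is a constructed excerpt
using the block format and a few of the hashes shown in the Files lists above.
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field

HASH_LINE = re.compile(r"^(MD5|SHA1|SHA256|SHA512)\s+([0-9a-fA-F]+)$")
MEI_DIR = re.compile(r"\\_MEI\d+\\", re.IGNORECASE)
MEMORY_DUMP = re.compile(r"^memory/\d+-\d+-0x[0-9A-Fa-f]+-0x[0-9A-Fa-f]+-memory\.dmp$")
# SHA256 of zero bytes; a report entry carrying it was hashed while empty.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"


@dataclass
class Drop:
    path: str
    hashes: dict = field(default_factory=dict)

    @property
    def norm_path(self):
        # Strip the drive letter and lower-case so "C:\Users\..." and
        # "\Users\..." land in the same group.
        return re.sub(r"^[A-Za-z]:", "", self.path).lower()

    @property
    def kind(self):
        if MEMORY_DUMP.match(self.path):
            return "memory-dump"
        if self.hashes.get("SHA256") == EMPTY_SHA256:
            return "empty"
        if MEI_DIR.search(self.path):
            return "pyinstaller-runtime"
        return "other"


def parse_drops(text):
    """One Drop per path line; the MD5/SHA1/SHA256/SHA512 lines that follow
    a path are attached to it. Blank lines are separators."""
    drops = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HASH_LINE.match(line)
        if m and drops:
            drops[-1].hashes[m.group(1).upper()] = m.group(2).lower()
        else:
            drops.append(Drop(path=line))
    return drops


def hashes_by_path(drops):
    out = defaultdict(set)
    for d in drops:
        if "SHA256" in d.hashes:
            out[d.norm_path].add(d.hashes["SHA256"])
    return dict(out)


def conflicting_paths(drops):
    """Paths recorded under more than one SHA256 (e.g. hashed mid-write)."""
    return {p: sorted(h) for p, h in hashes_by_path(drops).items() if len(h) > 1}


def unique_sha256(drops, kinds=("other", "pyinstaller-runtime")):
    """Distinct SHA256 values worth keeping; empty files and dumps are skipped."""
    return sorted({d.hashes["SHA256"] for d in drops
                   if d.kind in kinds and "SHA256" in d.hashes})


def summarize(drops):
    counts = {}
    for d in drops:
        counts[d.kind] = counts.get(d.kind, 0) + 1
    return counts


# Constructed excerpt in the report's own block format.
SAMPLE_REPORT = r"""
C:\Users\Admin\AppData\Local\Temp\_MEI16842\ucrtbase.dll

MD5 cd50c9c6cd356638efcce2e6875109db
SHA1 217a243cf87cc8eac82cab995d0ed2e57d61efdd
SHA256 1bc51508bf6f671fdd999af1accc0b31d23e69a788025ec12500dc2463cbc728

\Users\Admin\AppData\Local\Temp\_MEI16842\ucrtbase.dll

MD5 6f3282371473ce80aa4a16036f41aa75
SHA256 9809c0e5f77ca7ab2c04f7536d1882fb9364a58074605aa0f638803b4968cf84

memory/1924-165-0x000007FEF5F50000-0x000007FEF63BE000-memory.dmp

\??\pipe\crashpad_2836_KGUFOQEEATDZQTOW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
"""

if __name__ == "__main__":
    drops = parse_drops(SAMPLE_REPORT)
    print(summarize(drops))
    for path, hashes in conflicting_paths(drops).items():
        print("conflict:", path, hashes)
    print("hashes to keep:", unique_sha256(drops))
```

A path with two SHA256 values is a signal to re-hash the file from the sandbox's dropped-file archive rather than to block both values; and when building a blocklist from this sample, the only hashes that point at the stealer are those of the executables and the bundle contents, not the runtime DLLs that any PyInstaller program would also drop.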