ceb56d2a52730cd424d622d84131aeb297a1ef610399086866e88b026669b9ef

Analysis

max time kernel
15s
max time network
154s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
04/02/2024, 02:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

_957d484a-e84b-4e44-ae94-2232e9314a4c.jpeg
Size

156KB
MD5

ed130a01c0be707c5f09c6d349e62d2f
SHA1

f249c0d28e414d04fffe4631ca1d60085ad33d62
SHA256

ceb56d2a52730cd424d622d84131aeb297a1ef610399086866e88b026669b9ef
SHA512

a3e281f6c518ad5932a35a992c84beb101400f095dfd09c5413dd59cdc7622b2f370fbfcdd470082c4efe967e092dc0ba2dc28d23b10763c21c1370b971c2c8f
SSDEEP

3072:s0/yJNRExSbHxsyu+BBA8Wz5DKvNYgTvcJMmrn+6c6RRfi:s5LEmHxsyugBJAU/vc+nDX

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2696	chrome.exe
2696	chrome.exe

Suspicious use of AdjustPrivilegeToken 12 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe
Token: SeShutdownPrivilege	2696	chrome.exe

Suspicious use of FindShellTrayWindow 36 IoCs

pid	Process
2004	rundll32.exe
2004	rundll32.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe
2696	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2696 wrote to memory of 2768	2696	chrome.exe	29
PID 2696 wrote to memory of 2768	2696	chrome.exe	29
PID 2696 wrote to memory of 2768	2696	chrome.exe	29
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2680	2696	chrome.exe	31
PID 2696 wrote to memory of 2572	2696	chrome.exe	32
PID 2696 wrote to memory of 2572	2696	chrome.exe	32
PID 2696 wrote to memory of 2572	2696	chrome.exe	32
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33
PID 2696 wrote to memory of 2600	2696	chrome.exe	33

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\_957d484a-e84b-4e44-ae94-2232e9314a4c.jpeg
1⤵
- Suspicious use of FindShellTrayWindow
PID:2004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7339758,0x7fef7339768,0x7fef7339778
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:2
  2⤵
  PID:2680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2280 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2288 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1392 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:2
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3224 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3468 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3588 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3716 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3808 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2596 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2812 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4160 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4324 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4332 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4320 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4584 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4156 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4804 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:2912
- C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
  "C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe"
  2⤵
  PID:2552
- - C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
    C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=95.0.4635.88 --initial-client-data=0x194,0x198,0x19c,0x168,0x1a0,0x75135438,0x75135448,0x75135454
    3⤵
    PID:1664
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe" --version
    3⤵
    PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1732 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:3040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=3668 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:1372
- C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
  "C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe"
  2⤵
  PID:1808
- - C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
    C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=95.0.4635.88 --initial-client-data=0x194,0x198,0x19c,0x168,0x1a0,0x73995438,0x73995448,0x73995454
    3⤵
    PID:952
- C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
  "C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe"
  2⤵
  PID:764
- - C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
    C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=95.0.4635.88 --initial-client-data=0x190,0x194,0x198,0x164,0x19c,0x72ed5438,0x72ed5448,0x72ed5454
    3⤵
    PID:944
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe" --version
    3⤵
    PID:2400
- C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
  "C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe"
  2⤵
  PID:1556
- - C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe
    C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=95.0.4635.88 --initial-client-data=0x190,0x194,0x198,0x164,0x19c,0x73435438,0x73435448,0x73435454
    3⤵
    PID:2228
- - C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe
    "C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe" --version
    3⤵
    PID:1776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2632 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:1
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3244 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3304 --field-trial-handle=1376,i,13546070075360573586,17134767435113368582,131072 /prefetch:8
  2⤵
  PID:1072

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:528

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

Filesize
230B

MD5
a3a5a5b0333dcf14ac277177241ad6bd

SHA1
679c6db41c61779a9bcf648d280d61eebde6a6fa

SHA256
5488e52ba9033cfae6ea59bdd9ec00759ad6ef96889de40cabf242e014849509

SHA512
2e430f08bfda7efa05cd9f69a7270d40ee7a94f876b74f63e635bff4903e9d55985404c94a35a073f7431fe048cba06c004f594184d9858ca74b0b86f4dd085f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e32a048d54e862addec90470a0d891c7

SHA1
d9995d5e547903ff19ffdd0033357e9b1043df1f

SHA256
1b8dc061b6fd7a89629ee24097dd038e6f0c5b0bc9843ce5cbe71b068bfccc69

SHA512
2f11b30e993be548781286b1591dc0f1f78c1243b45457b6de506ea2f14e930d925685a99baab44e19ea3c1864fb61f7fb5dbabac7595ac7c5893731888f6307

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
91ac8502e87ac84dfa2dc84e31d5c601

SHA1
15428215a8d7915331d45009c497f33753f741e5

SHA256
1d915cfd8d722699d362a5d36a7f28faac4c5888555e3c7762c8df8f361e82f7

SHA512
829beadee61412cd472de831fa138c5ea8e9be41dcc27aff6a12f3cd373b78da200432ca7af5c5d0b773dadb318de6dec5ac3d6343ab3701df6a787b1a8793a5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ac92c1d142ebe661b3b492b70e5d036b

SHA1
7f861cac90c0cc0ebe6b93b344cb2513c06fb5d6

SHA256
f32211194dce50d228c005ed3cdf00d8f0744f1b71a3fdb76383a63791bf6a60

SHA512
2d97e4af8005049a05f32653520b355000952ee460e1c628693ac4b4ce574ab5a2fc17fff540ee01a74bb1fd306682a7afcb972775c66099b6d7295c4b0e7a45

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
571cfec67675f3b1003ac86c62c5d517

SHA1
461e1b7c3a2718551c4ed0a04bb28f0ae2b03e3d

SHA256
2bea3c95bb209468b12abf9c612b1d8e818f7ad737bcdc1d714eb62b518c5d8f

SHA512
7c2a2615d665ae5125e1b2a41505d2027cfb34394c41a1d5e9f41c0c5236c316b14604582d8740bf2debc97c9f413c7fd167d9a168197489c4202cd9e3900d76

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
df180dca65edb1cdbb5294d8af917d3a

SHA1
4389b13707c2a645a94cc355368593bbaf77567f

SHA256
d81918df67a8f5b2d0881e18c815560eec5b2a312519e2e8bcf0e39f68ac9599

SHA512
26d090b3b2e100b272f3cef38fcd3a345e0807fa37858d39dd923845e9fe55bd6d15a3ead831630e86fb78afd8dea183b8cf26ea51977ac8d9c5a7b3ef9c50bd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b4de6b9905f483ee675ab7ec123e8d87

SHA1
83eb89b263d37974dc0fac386117067364f41738

SHA256
9e77a1c3b383d11d337a2a7c01f92cca09b91c7f0c9bfbd29c99720c1a8af8dd

SHA512
1ca87737f64995e8997be292c72a6d04fd1b20ccb79a16c4df98a59781d3a589f7b443c89720bcbfc52d6f771c89cd185284cd9f1c184e4cf482be610ce947d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e9d974c96d49d00510232a1fd1328650

SHA1
18b789faf4f4c81bb4fe24a9d4aa0d121d7e7974

SHA256
f1528d45b724400743a46c05f97b7b721690dd642d51e5fa4658ac3a0bfb0863

SHA512
23f0d246786e026332199fee159b2bb452bc1092ce212c712e32e31ba034357b11dc2d8f1b024c500f2aea191626e7e67a25f3d502245d7940bf8d0ae69013b5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
425322bebc9c3f9f281c49a92f470e96

SHA1
2a3ce029411cd02db47e81b499664cfe8a939920

SHA256
d6fe9bf9aea17c8a405a241f19efafdc13ff1e4cf159336bf64935600bd2cd17

SHA512
9201f1cb6faa42a6590a7cfb63c6996a4755bef3409117ed4a57d33af9e2114def88a38ef231c3b376052308e296f53e5689feea171d2037af4b4ecddb22b323

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f93cb4f35efb14eb31b6d152e9aeb21e

SHA1
d3d563e43b2cf734aee0002e332173eb2cef7222

SHA256
54231a929d010e9ecaa1ceac8ab0d2c8f4c47822114b14f41e50e27ca7e5d7e9

SHA512
71f24cbeabcbf48e30a9a2259ebead4c73f7cd2ec84ab06e830786889fa8ab0ba1546a599fc7dddec66e1fbe002c85030e629a5642a1d9f040f256ff02b65296

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
89e05995431c5f9c231a94f08d11a9b9

SHA1
e7f61124fbe2082e5824c964530e697ff250dbd2

SHA256
1cadeba9b13a5e7e197e75c06b59a5c434d57a7171ae3cca68d4d9ae0450d83f

SHA512
066ad72ffb4000a7af68e0f4cfd26ea01fbb79773683b7dc0f9d7846125a5918e30bc04b87cc455a6c924438927742780a41f8ed6427f7b62a60d3ee2606a4c9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d5cdec6280593ad5845bde714bc29262

SHA1
a15fd2eae9a0a1aa3f67ea79db0d08dbd8564e81

SHA256
b786e87d4349ad87a5087273fd82dd57989e031bb92658785e3068721087bee1

SHA512
9ec5f94061dc5042686fe8390b3a346c3f333c7b5abb4085d76b6825b6cfda7c64ab0bbbbffa7ff81dcdc77029a1e8eed2eb411d304814d38c6555fe2253b98a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
56f0e40d08ba2055e672d05af082dac6

SHA1
12683079ce78be4bbaec3fd24f25397b57cb6602

SHA256
f225eefac061351586fde250042a7acc9cd6f904d4c753441a7924acaf1f6271

SHA512
e394bc244fb36e7d3611e1404ca44424f7e4b41e1f8caeb8a801e18f0e7be02df0799b0bd65a2f539960694823d5f9c240b006e638c19acc041a32eef16725d3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
61b6433cc6699fe70e4d68f3ca4264b2

SHA1
8dd4196f2b945c5ba334c765c5a50af7109287e2

SHA256
9a35d5b1e837a6f6b9baa1cdeeb0854e45656e7bcc2af132d107d1e08827f139

SHA512
ce481459516c435d4a9ce5dd89ceafabe806890813adab2414789d6ee27963c7e4c9841c036a3a224b8047e2c03b0e027f393bdb0e530be48dfe100343794baa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
92fadda46a5bc39536ab2d5094306355

SHA1
b18c260713e09370850f25e96cc18531af27b662

SHA256
9e1994f94218f56f5dde1afddbbbef4bc8839c8bed0b87cab66e24ec77683011

SHA512
bdce09cdcfc76da5ea1875198f13ff9ae321458a7406e47d86e994b9faafa325049b08c6693d5426bb74dc58a218ee4a9186b62d7761538ad8c5077dca06e4df

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
39f527bbea03aef86bffdd1f4edda364

SHA1
410568192431df5582e11b999da5dfa58f928c60

SHA256
e0ae097d0b2e7bcc0bab2261b191046f083fa74d066890d0beb805bbb7af0994

SHA512
fae726fadcbf57d019a9c8efe8d81b1765570167ec7df8e505aa5f45cd66ba2c5ec5490ba80a3a701cbc3fd71c3f4df0feedc1e9a2bb7778199e6497086aaa94

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ab5b818755e3a11d2dfb24685a444fca

SHA1
fc03a54727baec5ba5e022d7a70b039ec8491480

SHA256
678edcfb1fedfa2404948004b4c47564f91b5e82160f0f3b303ac74ba390f37a

SHA512
40a65fc04e5fda7f5a8cd395891f00044ca88a9296567c166c1b65a30a545e05b28aeffa5b8fe74dcdb93a9ca58247726a37161fb0b758ac9c254af2eee48450

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a2092067394e0b9c9738be7000220830

SHA1
b3bdd2197f6b1955815526f64ecbfa526cc5e598

SHA256
5de4b52d5175f8e7595610471c802aa4f10fb429342c69a2c92c11227dda59e0

SHA512
bccbfb938579c4aaa9c471730e972d442acdd6e57d1239ca9068923cb640833996096c35da046ebb665fb9f9b784d1e0a6832ebddeb348cbc7260ca3181df9b9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1b5bd2abbc35aadd2bc08dcdec5f81df

SHA1
71aa23a1e708ff480aad673aa4fd2f371f24bffe

SHA256
20a0cf5940f7d66cba7a3c4787a5f8acb3c5130c06c89c393e7e398704dbdfb5

SHA512
186184bcbd8db2654262c4353e6145c76603f0367f719f1c9f935867c77109ef730be535bc96c4c9599ae8a8b01d755b5fab09248b251b65888a50ba362cd2fb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
36bebce280f55e057ed3ffcb517860b7

SHA1
614bf608eefb327f6b17151cd2f63d43c8c4a1b0

SHA256
83d31daa2aa68e776d359d98eca97043ae3cd1b3b63f6335d9381167e82fbfdc

SHA512
ac31611479b4bb26f41477a00bd3c224f4eb2a9e2404c3c18b7b11617e2aad747926b36bbe11d13e80d833ff6d08982783b705f4894227508fe5544e2b9d83bf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e586abaec2fdfbd5340f62123b681b2c

SHA1
47e7e98d4500a6f73827b9708d07c6a704d9e288

SHA256
21770c9d01b4b3bd8a2ff75ea5affc44479613601a8019bec44abcc560e92f96

SHA512
45ff7f727c5df059c0fa4dc26250598dc05f64c7974f257f5129abcc6cc1205339d211be61045f04f81e92c5a43ef0edd115611dbdd8c0e7ba2a108099b62c4f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
94e39aed724edb48c72b715f6413a831

SHA1
aa160c4b879e1a3d3b914b9b513d232b3c9177ed

SHA256
7af96c18cf314899a837f34b8210906f73f0a877a6ee29153e98183f7b15d88a

SHA512
909ed38000c15d74cfa098e07698265930a7092236301c71200901f30febf9d77e3ec457c26cb13ed7c0a965f6b85848e04c3caf397b2ed84f3cf2d0feab25cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3fc0074c-890f-488b-b6c0-0f5914fde088.tmp

Filesize
6KB

MD5
c44fbb521b6a14a3848109a478f9f924

SHA1
b9e9b189f03e840ee1884791e65f3f946e70e4ad

SHA256
1b5ab8e9e5c93732211befd7fd7ad0521a6a3abeb83de3297d8ddb1689e26215

SHA512
49650ba296ce8c6b8784346026c599691e2d451fae1ff61524176609a34835f903c17f67148ba00226cab08c25de083d39e9d194496957ca41a9f6692b65d05b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\85ef5834-818a-4d18-abb5-5f55708f731a.tmp

Filesize
5KB

MD5
085438cdf99654fa8f63cbc75af0a1a1

SHA1
f9a215652d9ca76ba9514ca28fbc7571f3cbd9f5

SHA256
b2bc494753ff4876f3ab49b45edc3110c6bd6c2f8ee912a1aff780b222bf2233

SHA512
3ba30bafe56b45627edbf85a5a878ae2dc08c92ce7f7aa260718c42c9910ccc544826e9a607dc5f1b563058b930ab64320566ef18ba5e1d5bb4908b84ec168e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7bfb11d5c05ad8d28bf21cf0253fd58a

SHA1
d3604e956e228811b8a43b96da28126c2fe77b57

SHA256
57d21d1872de151a1b315d76c64f0f2bf41bf7887e2be2505d91344acd421ece

SHA512
3f4fb7d8696b5f4da3de72a2c2169654f279d48deeaed1941946f4e8d52bc4eb3cefb24f0acdee7214d5f8d14a3a2a2dc2932a381ef3363208ba93dd591e98de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
794b971ddcad80e02fb1841de2dfeab4

SHA1
943db420a7ecf2ca76f864b2ce900277144632fc

SHA256
9c3cfd335391cf28a0eebd88abe881c62ed48f95f9f4cdd16aea7fb0f77e8320

SHA512
a2cd6737eda83299ba6276e6878c6b5a4cd4ef07e9d091dde0be2de95dbe5fb219ce428dfa61133d7309edf926c2f28790779d1b10396b406e36c7c4d4970476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
a651477e9904f9b38e43adc0bbf90bf5

SHA1
19057e6636be6be836c96101dddb1d472399b067

SHA256
b3546d17ecd35166c0365fbad37489ffa67ed86d4ffacd6fae6251e387305f0b

SHA512
7ecc1d8f90e6fc81e7c9696b5a1d7ed6a5370c7bd57e1f5fb0ba35fc865e3726387a7f2c121cf3126d4e50fc2c91dc7abe74084eaef51ca056d2bae066ffe6dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
874dc710af7eef475daeeaa38b2daa42

SHA1
5c31e0c20036ca2cc6280a41dc16caa081b38d84

SHA256
6eea058a20173dd87575f950ade885229c748c3aec152437f7f01dbd04d92de8

SHA512
877a0838b72674c820e0449070bac288693b0ccaccd1449eacd60362ab8068aa9a7dc91808182358349fa06c9ef2140b780d23332871b556290a5acfd7c1ddea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
915bd285e90be9673231bc07668c7e72

SHA1
8aebd585e05a5046f9002200157e2893a74b7b17

SHA256
cac36d35ab3ed26df509f7144fe51e823183a32a490690897d5a8f4bbae7704c

SHA512
bd708d5dcd3c826668cac0919690549be5ff34f3bf4a2f995885ea71e0727c3a7c74ecba94c800dda8cf69ad3dcfbf19306319b284c853deb89f6b1b4e3929d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
1b95d24ab1adc696a47a8931af94072e

SHA1
d1de8a88d30eff157a9af0a5b7bb84245192200b

SHA256
36818ceb9ec0a67641d98679c6c464302caebdd6b94375408d50b012f9fadaa1

SHA512
d38e5704d647120f55f0714beab03b4d6538f6d8f96e80ba436750a6ca0974ae2b075ff737992facf8556718e9a7c2ba570b7232ea056599eebbbefe66589671

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
7d32cc0da9249cdc3afb83528082370b

SHA1
0db1c3fb510c66e058fdb15b8103ff2cab9e6d6f

SHA256
831e66815085b58df093522b8b9b1c41c7dca08bf943690e577f4c84c617423e

SHA512
52ea5a17ab8f84661b580d5e4ed43ffd25ca8bada483eaa0143834baca38d00dad848d8c3451d4d4d46f507e408874824b8a9289ce0ce174306311a81f6b700f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
233KB

MD5
a96ae67a647bea2c9b3a84e809b09284

SHA1
d3889c7a88af0c6ca1d37401dd379cf4393d53e9

SHA256
dca7dcb0bc593a45ec1ddaaaa5e561b7068a0f5cea369607c1b8abae09e6418d

SHA512
c788c33214e53278654565ac9b034654f789c4321d2687b87fc35935568fb7bab677f27b7808dbc661a7618c36706fda3a8b2a1566eb3b05914560fee001446a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
233KB

MD5
111baa503467c0d210f3471a2b4d93d6

SHA1
322e065d015ff30987d5a3edcf8b958bae188a0a

SHA256
56b41a9a55904979c8be1e940d6d290f78c9c2eb014f29f38a3d8e4efe0b4fd3

SHA512
6214867cb50f8852e89700a7a191755513bcd2e1b93bfe70e142d3335ba0e69c2d3101e3194faf32ffbc3d1daee7fd9ae3611f1b8e5877702e33c0880f3b711f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
74KB

MD5
f4e5183576300cdca7cafa87d0cf2b9e

SHA1
1c3b01e7d6476979394ff6b6e6aa00e9d2d8bef6

SHA256
f4c90a1f18c172809a6089a40819a6be5b5e456db8d0b51d0eb7e8159c2eca71

SHA512
0ae723d23ff2e0b527156fbaf8780118f54a5f7e2e79814d73ca10637a79ddeedfee4ff29fb3d326d88a2cb8388c369a1f2eb07667efa4bff52d5f65feb23300

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
81KB

MD5
82016625a76dcbeb9c0df6e0b9b62b12

SHA1
7d726a8c848b6d7152c2c14a5aff92d497232e3e

SHA256
6ffea1ec5631246721b09e95ac02bfba6749e0713e2f1937c79a776214d21d35

SHA512
49e1a5b3cfc189339c9d36c8f5a6b8de25d9c6c50ec12c1aced0642b3617a69a16b71b34091db4c93afc125e1659d61e53bd79432c7ec12ce673c1aca435de9e

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
53.2MB

MD5
ee7f648a9852f3fd67a41c4235f82856

SHA1
6063c03af018baf93015e7141ff5c192da0a8ac5

SHA256
cebbb440c8c3656c2e3ec6967b7582ff83ab3ca2003175939ea13a1efdd5873f

SHA512
29e5e20677179bfbb62125f93a6ed217cbe9c38c0fd9f345a34004aa8c32410b7417c106fa96cbd2ecd026aad7edb2d7fc2397a3634f24a14bb019c546b6ac03

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
448KB

MD5
dc5372defe2313ae1a17b293bbbace3f

SHA1
83ac12c38a001911b97beccaa6ce4b1275210d45

SHA256
97ca021023391fee228ed361ec0eb57e3c2aa077dd2756d291491857887f17a7

SHA512
c6dc13e41b7ca5b19c93f01d0cf50e273a344e22cd7f0172e2d30256010d67b8155cffad7884bfb2e8ad6dcb92d1f620d7c895032dd30606b2cf120cea13ca66

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
384KB

MD5
2a7c2554ed0c7db4d97436881ae7d012

SHA1
375cc9f48c38714dfa137d45da38944121f2b25a

SHA256
4442f1bee16136d9819ca5d41fb44f8d524b1bfd4d832df4a6bd71933cfc2d1a

SHA512
75a4081825ea25f74138088aac1dc1df9789501a4308307582a9bc4a7a860cd9640e2a98af4c749722a3b36048d021649a278ecf5d3e5d3775d099447ce2c3d2

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabD28D.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarD2BF.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\opera_installer_ui.lck

Filesize
4B

MD5
e94dd03aa80b4690fde99f518b3edef9

SHA1
8397369b4d1f74906a63838d45f797e386dbc0ab

SHA256
5db1d6228268e32afabad4fe4e54594964b6bda0d30d79621510433e9a54cc36

SHA512
2d3c1be4423d499cf9c203f2bd871f149bd3f9fa9410940b905127f78bbd5fbdd1a437c7b79aad036b49342180dd4524f763131756ec1eada6198099facda574

Download Submit
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

Filesize
40B

MD5
dce617e1143cfa12b7d0ee93a06babb4

SHA1
3d7433227245e3be68ad7167b3be36f06f61983f

SHA256
f8d88bf49860f731a406c6304283ad89885ceecd9fa99f9f8e0286c8e5ff2f07

SHA512
e06d50592a50efbac37a61a83fad673fe323e9010289dcb61b9fa808d1fa7ce6aafea76897b65964251ac58d111932afbbc35fc029584be5eb8c21e2ca9e142a

Download Submit
C:\Users\Admin\Downloads\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
2.7MB

MD5
63cfa930446325015f8c964165fd24e9

SHA1
04b82f89fa7fd5583fc540138b1af728f452682f

SHA256
47900fb0c7e4582fd1e7d0997f2a571637698cfe9bf9d47314b02d110680ac53

SHA512
b923f6f679b34648523988e4d40ef00ae1e86d089a4611765e506642a47dfad4a21e32a51a223e91d46be3cedb08d3f7b84921014cd84a43669c8dc7b0c1c8b8

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
5.8MB

MD5
ca7b8c21d56866c13744ba52457e4e22

SHA1
f798073481a1190478ed509f70fdb869cee250bf

SHA256
657e8f0fe741b9c85a1e875897d4ba9c8c0fd934543d60bf69fbaec8d4806a5b

SHA512
f81ae90171f7666a76ff1890fff72170e18b8c1eb36ba1f16dd9e34e1dc1ebc2450c536b64842950cc0c654da9820ad586a33496604192a213e2171cca34ec91

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
5.6MB

MD5
2d2186412bb834d43d8488724709e7cc

SHA1
06e966785dc8309405a5caa4317f903f17d92fef

SHA256
8b24c3ad76efe84529184642f91c491cb0a524f04389000911158eca145bc1d8

SHA512
0644edad56f15d95374dd52b81c43a7e8e8a9c6c3f219093b72b6e6819f0430c6d303cf12962fa98bb51d5049803eb3dc08ed675598ad4d00e3c2784d2dfd023

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
3.4MB

MD5
3ce91ebd8e5f4151d6e3b8d7ba232c62

SHA1
d81a6bcbacac9b60c9aa5b2c99d8cb34b249b7a9

SHA256
874b433264be1f47d591aad5f5b54ac1f76a65e7051c6a1461e98c35aef014bb

SHA512
7d1132f85d51b383533e6b1cec7a341dade4762623fddb16a2fdfe1c4242e7c62dace227a3887a093df474a382fa6c1ae78a78500833f22e43902c61da09ab0d

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
2.1MB

MD5
4bc6cceca63f754b8e62048ceeb3afcf

SHA1
83f949e715001a1aa072fa5d19c3bec24fb86426

SHA256
a6738f6427131c0a8752d5abd2b090c5a7be208f8c5d64fc4c31dc8f0aea9708

SHA512
9a47c927df74ad89fb1c74dcdf3f7a85cfa32cba47d09e4945e5a08bf1727181854847cb69b5907e3d2c18549832639f78d94a1bf7fa3714a5b175686d2a4dd8

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
2.6MB

MD5
416ac67f45445b715a634cf137acda68

SHA1
47a4297ce7164a36456d56c18db35c8a0a474c57

SHA256
99d70cb171ad9e80b1296b0fbc7b0fcabd47c65fee9085477b8e6f2ac02598af

SHA512
26e33b280aaf0c74bb2a435800329e303d7731349cd2b2cc81d0fde4beea29f8e646ebed532172d73c977b04faf12097ab0f122053a54052cb1b699711717b4f

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
7.9MB

MD5
aa87fcf2d038b5ec259b0930b9c33650

SHA1
3de4a2e23dc55a2f40a03a5b3e1d7714c696e426

SHA256
650a98023cc0c6297b2c8b424340a215a42948f0d26d78ba5b1c899bcde91abc

SHA512
f1aec33a09e9cb44583821da562b0b978164e33135f5e7c5839f7271c8abaab1fe32158d00e352095f2b478ff10d0e07b6fb2330f95a9a93ff4a3cdd8df10878

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
10.8MB

MD5
4fdcfa3aa9f5353f67ddd6d092a0c6d8

SHA1
88a795170980099f3aee3ef95715eb0785c6b3da

SHA256
29f6f9569fd832b2b9c8489c695b9cd0a781b34bec574bd07396341eb8152bd4

SHA512
22f2ed3c73715540e014a10ea2b70757eba6cd1f5f0ab883cb2c5af6625004bad9687befe22a75f7746b42b935031846c61b6ff4e56d98c3269e76717c4df2c5

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
6.0MB

MD5
40ca08fbd0357f15e61494cad0197eca

SHA1
a080ddcaa5e9db25151664194e42b22c7788ef0b

SHA256
05a7fd603d1b29eb0c348e27be5546126aada781186f5382ce2e3a085f1f7782

SHA512
82c9b71c3448398825978dc03b05313a9743e6b918ad28eac1819488c26a0d311a4644e89e5b4f00dc8ae8521d4429b583b6afdc4359b3da8e6607f7142ffb59

Download Submit
C:\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
4.1MB

MD5
ca35280027a5cddb1404ccdc9aae10ae

SHA1
debbf1151b60cf63bfa2fea94c5c89d3033b7735

SHA256
bea318719b2032ddec7faf2e6cb05b956a0e6c2baaadf0593ca983cc9c4abc71

SHA512
09daf516b45bcd0854e04e9115a9d91e8637237907c0ccd267b64e82f82102d5eba45267d228027de1b7e91f317736037aac42acca52772c11c9521f4154bb30

Download Submit
\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
21.6MB

MD5
451fe34add9017c4d11677afd74b003a

SHA1
70a06adef8a932722a86439b21c945556cc0fec1

SHA256
e2879dc607a68926fccbec71dae1baf93ae9e051b38c21a6cb75b983cb6c153c

SHA512
c442dda00e2409bb97a7c6257fd1f1cdea10361bf1029708877dbc88ff8d534b704764f7eeb983c3b3442bc9fd0b2ab5fd9a86286ef1e0f44e2895526a2767e8

Download Submit
\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
576KB

MD5
0db52f7fbd529b563efe10ba00d5109b

SHA1
e32e44ca31a78fb87a892b63da94640513a59ba6

SHA256
45dc7d24199197599ef83fa389208f1fae4aeade5112b672a2733bd7983bb876

SHA512
0852598177294aa38d55a6e281ad51cb1803c000f2ad137a326fe821c77119cf63892d85ce1a59873259b60ac28e3989be2ceb95741e9b56c96a9abadf4f9249

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040244020212552.dll

Filesize
3.6MB

MD5
03e46c3738e56cafbefaf8f1abf9121c

SHA1
76aee5f3ba0c47dc149d83e1e36e0e472a29fc05

SHA256
4d41003eae45b93430e481337223929ec7cb91b61d2de44c4b612896b2f1370f

SHA512
b9f8995c8e2989e6bf55e8518c53bb536f9da592b7b15591ceff8f5c7a5b0d741f5c9ccab906d4c7cad0727c6f27087ce0da39c8f6d8bfaa3ffc565c8ab7c47a

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040244028491664.dll

Filesize
2.6MB

MD5
3ea873a7ec33bc8e8b576d9f3550e66a

SHA1
3b27ab601e394220646cc0df7d889634c72876da

SHA256
bc540522fd64b72a87486dd104f6656a75c96dd2f2ec94cdbcc0fbf7ea7252eb

SHA512
f6f11f48e55f0929b3f736e4fbf4d7ef51fa69d5b04a142beec43107f6c321f9abf35ddea74cbdd476567f0babacc0feecd4a11fd10e23070c29b94231c66503

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040244045331704.dll

Filesize
5.3MB

MD5
bd7ed8ac8b62406ed11845b4bd911047

SHA1
70f714e32c2838518d647056e39de16cbbf18f5b

SHA256
1e6447f3549610e2fcecc244aaa3fa5ceb1596b3f3ba5eac15837c639c704b70

SHA512
d2c062ad26774f5c1d173286ed4f276fcc1e27aa5a067d02b63aee1e3fd150a671c91f1e3e9496bd90988e15277998186a3d3b56db4ce361894642679d249b7f

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040244460421556.dll

Filesize
3.6MB

MD5
38ac5ecb13c1b16dd2c3cb7323c9138b

SHA1
78c03b2b2c51245de63aab263d7e964299b5dc10

SHA256
da4de37256db282c09cbeb4f50099e0b7dfc0bc494be03d5fb3f6120936ef990

SHA512
b3f0396ef2089bc91f90eb4c3a933f07c12c803ed839ef3a2b10ab0ea987fe999680465822f322bad0046e205236f3fc94aba8978ca84616f3acc4b8bb008fe1

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_240204024446058764.dll

Filesize
4.1MB

MD5
c81e1c7241183d0a2ead8f77fc8463bb

SHA1
17b5aaf0b52efdcb9053ec6fa6c9e76f6ca56668

SHA256
558fafaff53bf2355a91984ae41c85d946c560030190fda936b57ac8adcace8d

SHA512
85adf249ff68ba85407f29f6fd936aefa832c4b412f128c1c97c3ba180f289f9dfff592a201c03ff209fa2aeb1bb75a8cb8b850b81622b667b9b639b53b88986

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_240204024456463952.dll

Filesize
1.2MB

MD5
e610471e51ff4fecf707952b18f33e9c

SHA1
0d68831afb391e12becc813f96cfa26e07a9cfa3

SHA256
e2e382a159dbfc26cd667108c7831fbcdfa4d4351d316f2706b0d63a22f479ab

SHA512
a1dc53902ff7df50bb8c3f5989f88f6cc47bc35db2565eefeced4b198b6e55dd5d61a729239ca7345dfca23985dd0952c7aa45765e543c95f506a97754cb4d43

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040244595092228.dll

Filesize
832KB

MD5
d6277c9b54ee8c31fcfbde77dded75bc

SHA1
ea8d53b5f950f0734d97591fdc2a11a1917b41b7

SHA256
c7b8f026222ab0a4c009fae2a90bc83ea89d97058362808b86678c01992efd33

SHA512
68405e75b960dd692620b74ce27ec1ba736a9f1bd6aa0c8bb4f098bf94661de7cd19344dc8663c9210c171c227c361ff5bac834f9d0de5df10a2157d43d81f89

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040245018822400.dll

Filesize
384KB

MD5
9b2de9a6c5a6c30e018a33d438627a05

SHA1
0274fe318970e07cf10e2e74ee7b9443403dd02f

SHA256
cb5df2c197521477f244b9362fe2e43eee788f97cd4d257433f6f8c9b33745ce

SHA512
c0866eb3c05ea180d4e23afa656a4c206e61ee368345ca2628b82c4b76ace264dac313e1ceb0599164f6ab2d1473540e365b00cdb76b5780dba23606b08ace07

Download Submit
\Users\Admin\AppData\Local\Temp\Opera_installer_2402040245276901776.dll

Filesize
768KB

MD5
076fb89f9dc8a81a36c41f7a1f3741f2

SHA1
70a4c5d0fde970a59a04b0ebbdbcad2d31e4c261

SHA256
0fa93ee2a8f67cef024e7c3e344d00bdbd4100e62857ff9ee6d951db4598a850

SHA512
ceb0241e5de6059b440a94648b7d5319f96f2e356735a83b7814de30bd3b77935857aec6d023b7ec161b2a8477290082b4e946ce915136526c5a0583cda2e71b

Download Submit
\Users\Admin\Downloads\.opera\Opera GX Installer Temp\Opera_GX_95.0.4635.88_Setup.exe

Filesize
19KB

MD5
b5cbd0d9ebe402aaea0d2957d15646d7

SHA1
dc93e5e40f568f3ab95148a391c891cece3c8d61

SHA256
7c2333d5615d5f5e77b4954b6ba352afd0e07d447ef5702028d998b942fb2fa5

SHA512
7226c8ee1f048de123f24a3c49637c264842d1cd10dc9bb6c6a8752cd13351c3b3f83cfa480d732e8bcbdcf5376a19a9c888d74a05c1ce9b996c8fc7ae9e857e

Download Submit
\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
3.8MB

MD5
548a7d3a19fdee78988729f43c1c4bfe

SHA1
17aefc8fa36984009114ddca39060e0466ca59bc

SHA256
79df57888d3846aefe303e9c0c4695c963ac169be68abdf7bde2918954391d15

SHA512
39e950095c5316674e0868000379ab0d9666295d5f604e48565a8ea1dc185fcec2eadee61dfb05413ba42cdf889c4dbe9b86316794889081afbb4f9572fa3e15

Download Submit
\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
4.2MB

MD5
ddf79cddf9694f2e3ea421d91542cafe

SHA1
6bd849138537b8cbdeea246d692a9a0df59b9139

SHA256
17bd26442bdce1861140362ab31ba1ee1c7ab3cb600dd649118fc0558a1cbf4a

SHA512
a2094e9e5797cb7ccb10bca62b4debf0a74335495d88af3100c2a87d0a382a8da4048e3350b260ed6b7bf9afbe4c59a05cd1ded06d00cf2842b48052dfdbcb3b

Download Submit
\Users\Admin\Downloads\Opera_GX_95.0.4635.88_Setup.exe

Filesize
4.0MB

MD5
d357afaaf1832735618e5a80fd854cc1

SHA1
bce97562293bd540dca229ec78b950e33925dd0f

SHA256
6f3913a38b3ae9053870f13c4fa5993ddd0886bfaaf7a2bd92a35a65ad9ca332

SHA512
d67ca786f17f5708fc8ff3845ce22a651f14fcdf128eec6ec82157257db7add4b8116bab5e3db2fbc4dff74fccb31d32b3465a1479c93d447046777440af8b01

Download Submit
memory/2004-0-0x0000000000410000-0x0000000000411000-memory.dmp

Filesize
4KB

Download